|
In any Information Security Strategy, human awareness is a fundamental element. Our Information Security Awareness Program ensures that the right actions and the right technology cooperate together to enhance the system's security.
The Awareness Program has been well-designed and tailored to meet the specific needs of its audiences, using innovative and interesting techniques alongside up to date and relevant content.
Buy-in from executive management and other key stakeholders is crucial to the success of the program. This has been clearly demonstrated through measurable performance indicators.
In any Information Security Strategy, human awareness is a fundamental element. Our Information Security Awareness Program ensures that the right actions and the right technology cooperate together to enhance the system's security.
The Awareness Program has been well-designed and tailored to meet the specific needs of its audiences, using innovative and interesting techniques alongside up to date and relevant content.
Buy-in from executive management and other key stakeholders is crucial to the success of the program. This has been clearly demonstrated through measurable performance indicators.
Design
We begin by identifying the legal and regulatory requirements, the key stakeholders and the businesses unique needs. Using this information to conduct an assessment of the organizational goals and risks. We then align this with the business, IT, information security, marketing and communications strategy.
Once we have all of this information we are able to conduct a clear scope that will include the assessment of the required training. We can then determine the program, technique for training and the target audience. And finally, we will work with you to ensure that we have key metrics and performance indicators in place.
Development
We first form a team to identify stakeholder roles and responsibilities, and survey the security awareness metrics. Then we develop KPIs both for operational and delivery, as well as the lag measures (outcome). Communication and marketing plans for the program, as well as the content publications are also promptly executed. We identify the mode, method and techniques for training and awareness, and base it upon a baseline of security awareness status.
Execution
We run a marketing campaign to promote the awareness program, and establish a proactive communication strategy. This involves interactions and engagements with the stakeholders and communication department. Our standard set up is 2 or 4-week campaign for IT Security Awareness. This ensures that our aim is not just to inform, but also to build habits. We build traction and participation for the program by creating quizzes, prizes, handing out posters, online training in addition to onsite training. During and after the execution of the program, we record feedbacks and make additional improvements to optimize the learning process.
 |
 |