Scribd Logo
Upload

Welcome to Scribd!

  • Security Awareness Module V1.0

    Uploaded by

    Vinothini Mariappan
    7 views15 pages
    This document outlines the need for security awareness training across different groups in an organization. It discusses how receptionists, end users, IT staff, managers, and executives all have different security awareness needs. A variety of training methods are recommended to educate these groups, including newsletters, lunch presentations, computer-based training, and security fairs. Specific topics that could be covered include social engineering, digital rights management, networking, passwords, and legal issues. The goal is to ensure everyone in the organization understands their role in maintaining security.

    Original Description:

    Copyright

    © © All Rights Reserved

    Available Formats

    PPT, PDF, TXT or read online from Scribd

    Did you find this document useful?

    Is this content inappropriate?

    Report this Document
    This document outlines the need for security awareness training across different groups in an organization. It discusses how receptionists, end users, IT staff, managers, and executives all have different security awareness needs. A variety of training methods are recommended to educate these groups, including newsletters, lunch presentations, computer-based training, and security fairs. Specific topics that could be covered include social engineering, digital rights management, networking, passwords, and legal issues. The goal is to ensure everyone in the organization understands their role in maintaining security.

    Copyright:

    © All Rights Reserved
    Download as PPT, PDF, TXT or read online from Scribd
    Flag for inappropriate content
    7 views15 pages

    Security Awareness Module V1.0

    Uploaded by

    Vinothini Mariappan
    This document outlines the need for security awareness training across different groups in an organization. It discusses how receptionists, end users, IT staff, managers, and executives all have different security awareness needs. A variety of training methods are recommended to educate these groups, including newsletters, lunch presentations, computer-based training, and security fairs. Specific topics that could be covered include social engineering, digital rights management, networking, passwords, and legal issues. The goal is to ensure everyone in the organization understands their role in maintaining security.

    Copyright:

    © All Rights Reserved
    Download as PPT, PDF, TXT or read online from Scribd
    Flag for inappropriate content
    of 15

    INFORMATION SECURITY

    AWARENESS

    SECURITY AWARENESS
    AWARENESS FOR EVERYONE
    RATIONALE FOR
    SECURITY AWARENESS

    • When we leave for


    work in the morning,
    we automatically lock
    our doors.
    • We need to have the
    same automatic locks
    for our computers.
    IDENTIFY THE POPULATION

    • Home users
    • Reception area
    • End users
    • IT departments
    • Management
    • Executives
    IS YOUR ORGANIZATION SECURE?
    IF YOU DO NOT REACT QUICKLY
    YOUR SECURITY WILL WASH AWAY
    IN THE WORKPLACE

    • The reception area is


    the first line in defense
    for many companies,
    and as such they need
    to add to the basic
    users’ skill set:
    • Physical security
    • Social Engineering
    END USER NEEDS

    • All end users need to


    understand the same
    issues.
    • How will these issues
    affect their employers:
    • Social engineering
    • Digital Rights
    Management (DRM)
    including piracy
    INFORMATION TECHNOLOGY NEEDS

    • IT departments’ needs
    build on the previous
    groups with the
    additions:
    • Network security
    • Writing secure code

    Protected By People
    MANAGEMENT NEEDS

    • Managers must
    understanding of “why”
    security to make good
    management choices
    • Social Engineering
    • Unauthorized removal of
    information
    • Employee Security
    • Digital Right Management
    EXECUTIVE

    • Executives need to
    understand that they
    are ultimately
    responsible for the
    security of their
    company.
    • Laptop security
    • Legal Issues
    ENTERPRISE LEVEL SECURITY

    • Enterprise security is the overarching umbrella for security


    needs.
    • Policies and procedures
    • Incidence response
    • Emerging technologies such as biometrics
    IDENTIFY COUNTERMEASURES - 3

    • Newsletters and news clipping services


    • Brownbag lunches
    • Computer Based Training (CBT)
    • Instructor lead sessions
    • Security fairs
    • Posters
    • Knick-knacks
    IDENTIFY BROWNBAG TOPICS -4

    • Pornography • Cell phones


    • Coding • PDAs
    • E-mail Issues • Spam
    • Networks • Patch Management
    • Passwords • DRM
    • Physical Security • HIPPA
    • WiFi use • Biometrics
    TOPICS CONTINUED:

    • Cryptography
    • Social Engineering
    • Physical security
    • Unauthorized Removal of Information
    • General and Specific Legal Issues
    • Laptop Security
    • Anti-virus Issues, Worms, and Trojan Horses

    You might also like