Cyber Security Awareness Series

As a security professional, you may agree that security awareness and training is an ongoing exercise in any organization. Most people in your organization would not even bother to think about security when working on their projects to meet their deadlines. As security professionals, we need to devise new ways to help people understand security. It may be through web-based training, an awareness session, mailers, or some innovative mechanism which you have thought of.

Whatever mechanism you employ to impart security awareness training, it is often seen that security professionals start delivering sermons where they only reiterate the organization’s security policies. Cybersecurity awareness, however, should not be limited to the organizational policies when delivered. In my opinion, the next time you send a mailer or run a training session, you can try sharing certain fictitious or original security scenarios. Users generally don’t appreciate it when you dictate or flood them with multiple aspects of your security policy. Users are likely to retain and appreciate the same do’s and don’ts if they are communicated via a video tutorial or a story.

To help you out, I will be sharing such scenarios covering various aspects of information security. These scenarios will be generic in nature and focus on the importance of following the security policies. Certain scenarios will also focus on the cybersecurity hygiene which we all should follow in our personal lives. Given the focus and the need for us to transact and live our lives digitally, it is imperative that we learn about phishing, identity theft, privacy, social engineering, digital fraud, smartphone data theft, password sharing, etc.

It would be great if you use such scenarios to spread awareness and share your feedback on the same.

Note: All stories in this series are a work of complete fiction and published to spread security awareness. Any resemblance to any character is purely coincidental.

