Datasec, information security awareness training program

Published:

This essay has been submitted by a student. This is not an example of the work written by our professional essay writers.

1. DataSec, Information Security Awareness Training Program

Introduction

In order to ensure that the staffs are aware of consequences and potential impacts of security shortfalls it is very important to raise and maintain awareness in the area of information security.

It is important those people involved in the handling of information are educated to ensure that incidents are minimised where possible and also to provide training in what the steps to take in the event of an incident.

Information security awareness is not a one off exercise but is more a approach in order to instil a change of culture towards information security threats so that staff give proportionate consideration to information security as second nature.

To this end regular training and refresher programs shall be performed for all staff, covering fundamental principles, in addition specific sessions will be formulated and delivered to staff performing specialist roles.

Assessment Strategy

There are a number of ways to raise awareness, which will be detailed within the program plan, how in order that the maximum benefit is gained we need to understand what we are trying to achieve and how which will be included in the assessment strategy.

The security awareness program must be relevant to the organisation and its working practices, and should consider the following:

1. What methods of communications are already in use within the organisation, this is to ensure that awareness activities correspond, and can then be fed into the plan.

2. What level of awareness is already in place within Datasec, this could be gauged with a questionnaire, selecting staff from assorted area's across the organisation.

3. What subjects are to be covered, this will again correspond to the business objectives and risk, which should be obtained from senior management and could also be fed into the content of the awareness program.

4. Collection of results, feedback and improvements, this will again correlate with organisational communications methods such as an intranet site.

SAT Program Plan

The assessment program and subsequent content will be adapted to fit the needs of the organisation, to ensure that the educational content is relevant and understood by staff.

The strategic plan for this awareness program is to be set out as following:

1. Engagement with senior management

This is to ensure that the topic has the support and profile it deserves, taking a top down approach and also managing any financial impact associated with the introduction of the awareness program.

2. Define the audience, this will be dependent on role as the content and duration of educational sessions and briefings will differ, however certain common topic's will be included as a baseline for all staff.

3. Decide on the delivery methods to be used, and tailor content accordingly, for example this could be via:

* Internal one to one briefings

* Internal on to many briefings

* Externally hosted workshops

* Corporate email

* Newsletters

* Posters

* Corporate videos

* Intranet webcast

* Messages delivered by screensavers or corporate stationary.

Below is an illustration of a plan for these activities

Key:

AS = All staff

SM = Senior Management

IA = IT Administrators

SR = Security & Risk personnel

IP = Individual Project staff

Baseline Awareness for all staff

Targeted to Senior Management

Targeted to IT Administrators

Targeted to Security and risk personnel

Individual project staff with specific adhoc security requirements

Internal briefings

One to one

(IB121)

SM

SR

IP

Internal briefings one to many

(IB12M)

SM

IA

SR

IP

Workshops

(WS)

SR

IP

Email

(EM)

AS

Newsletters

(NL)

AS

Posters

(P)

AS

Videos

(V)

AS

Webcast

(WC)

AS

Corporate marketing (screensavers \ stationary)

(CM)

AS

Timeline for implementation of awareness activities:

Jan

Feb

Mar

Apr

May

Jun

IB121

SM \ SR

IA

IB12M

SM \ SR

IA

WS

SR

EM

AS

AS

AS

AS

AS

AS

NL

AS

AS

AS

AS

AS

AS

P

AS

AS

V

AS

AS

WC

AS

CM

AS

Jul

Aug

Sep

Oct

Nov

Dec

IB121

IB12M

WS

EM

AS

AS

AS

AS

AS

AS

NL

AS

AS

AS

AS

AS

AS

P

V

AS

WC

AS

CM

4. Encourage feedback and bi-lateral communication, this will also help to improve the sessions by obtaining valuable information from staff who are at the 'coal face'

5. Periodically scheduled refresher sessions, that also take into account new threats and changes to the business function and structure.

Conclusion

It is important to remember that any security awareness program is a continual activity, which has most benefit by being started as soon as possible but continues to operate while information security threats and risk to business operations exist.

Writing Services

Essay Writing
Service

Find out how the very best essay writing service can help you accomplish more and achieve higher marks today.

Assignment Writing Service

From complicated assignments to tricky tasks, our experts can tackle virtually any question thrown at them.

Dissertation Writing Service

A dissertation (also known as a thesis or research project) is probably the most important piece of work for any student! From full dissertations to individual chapters, we’re on hand to support you.

Coursework Writing Service

Our expert qualified writers can help you get your coursework right first time, every time.

Dissertation Proposal Service

The first step to completing a dissertation is to create a proposal that talks about what you wish to do. Our experts can design suitable methodologies - perfect to help you get started with a dissertation.

Report Writing
Service

Reports for any audience. Perfectly structured, professionally written, and tailored to suit your exact requirements.

Essay Skeleton Answer Service

If you’re just looking for some help to get started on an essay, our outline service provides you with a perfect essay plan.

Marking & Proofreading Service

Not sure if your work is hitting the mark? Struggling to get feedback from your lecturer? Our premium marking service was created just for you - get the feedback you deserve now.

Exam Revision
Service

Exams can be one of the most stressful experiences you’ll ever have! Revision is key, and we’re here to help. With custom created revision notes and exam answers, you’ll never feel underprepared again.