One Article Review
| Source |  NoticeBored |
|---|---|
| Identifiant | 409090 |
| Date de publication | 2017-09-01 10:00:07 (vue: 2017-09-01 10:00:07) |
| Titre | NBlog September 1 - back to basics: InfoSec 101 |
| Texte |  When someone initially joins an organization, they immediately start absorbing the corporate culture – 'the way we do things here' – gradually becoming a part of it. Most organizations run security orientation or induction sessions to welcome newcomers and kick-start the cultural integration process, with individual sessions lasting between a few minutes and a few hours depending on the topics to be covered, local practice, and of course the audience (e.g. there may be a quick-start process for managers, and more in-depth training for technical specialists).Let's be honest: orientation tends to be as dull as a lecture on the dangers of teenage pregnancy. It's trial-by-fire, something to be endured rather than enjoyed. The new NoticeBored Information Security 101 module covers common information risks (e.g. malware) and controls that are more-or-less universal (e.g. antivirus). The awareness materials are deliberately succinct and quite superficial: they outline key things without delving into the details. Given the context of a continuous NoticeBored-style security awareness program delivering a stream of fresh materials, there's no need to cover everything about information risk and security in one hit. The pressure's off. Relax! All we really need in the induction session do is help newcomers set off on the right foot, engaging them as integral and valuable parts of the organization's Information Security Management System. That leaves room to focus on an even more important objective, one that we will expand upon in next month's module. Building relationships between Information Security professionals and business people in general, makes a huge difference to the corporate security culture. Think about it: would you rather pick up the phone to the friendly professional who took time to meet you when you joined the organization, or a total stranger? |
| Envoyé | Oui |
| Condensat | as given antivirus email it malware that the 101 101 module 27001 about absorbing accompanied all also are audience awareness back basics: becoming between bringing building business common compliance context continuous controls corporate costs count course cover everything covered covers cultural culture dangers deliberately deliver delivering delving depending depth designed details difference dss dull endured engaging enjoyed even everybody expand explaining facilitates fire first focus foot foundation free fresh friendly general getting gradually gst help here hit honest: hours huge immediately important impressions impressive individual induction information infosec initial initially integral integration interesting introduces introducing iso/iec it: joined joins just key kick kiwis lasting launch leaves lecture less let level literally local makes management managers materials may meet minutes module month more most nblog need new newcomers newcomers set next noticebored objective off one organization organizations orientation other outline page part parts pci people perhaps phone pick plus policy practice pregnancy pressure process professional professionals program quick quickly quite rather really reasons regular relationships relaunch relax right risk risks room run same security sense september session sessions someone something specialists start stranger stream style subscription succinct superficial: support supporting system technical teenage tends than them there things think time took topics total training trial understanding universal upon us$645 valuable way welcome well when who will without would |
| Tags | |
| Stories | |
| Notes | |
| Move | 
|
L'article ne semble pas avoir été repris aprés sa publication.
L'article ne semble pas avoir été repris sur un précédent.