One Article Review
| Source |  NoticeBored |
|---|---|
| Identifiant | 409101 |
| Date de publication | 2017-08-17 14:41:54 (vue: 2017-08-17 14:41:54) |
| Titre | NBlog August 17 - InfoSec 101 for management |
| Texte |  Today I've revised the management seminar for Information Security 101. Given our deliberately wide brief, there's quite a lot to say even at the relatively superficial 101/introductory level, so we're using thought-provoking pictures (mind maps, process diagrams and conceptual imagery) in place of reams of text and tedious bullet points. The whole seminar works out at just 12 slides ... at least that's the management seminar slide deck we'll be providing to subscribers. They can adapt the content, perhaps incorporating extras or indeed cutting back on the supplied content - and that's fine by us.In fact, more than that, we actively recommend it! Much as we would like to offer awareness materials tailored for each customer, we simply don't have the resources. For starters, we would need to spend time getting to know and then keeping abreast of each customer's specific circumstances and needs ... and being information security related, there are confidentiality implications in that. Instead, we prefer to invest in research and development of high-quality cutting-edge awareness content, delivering editable materials that our valued customers can customize as they wish.Keeping up with the field is quite a challenge, a fun one for us. In the 3 years or so since the InfoSec 101 module was last revised, we've witnessed the rise of BYOD, ransomware and cybersecurity. Current issues include IoT security and, looking forward, GDPR is set to make big waves in privacy in less than a year's time.Most months we encourage customers to check and update their induction and other training course materials, picking and choosing from each new batch of NB content as appropriate. On a more subtle level, we're gently hinting that they should be proactively maintaining and refreshing their awareness and training content as a whole because outdated material can literally be worse than useless. If you work for a mid- to large-sized fairly mature organization, chances are your security awareness content includes stuff that is no longer relevant and misses out on emerging issues, even if you have someone dedicated to running the awareness and training program. If you are in a small organization with very limited resources, or one that depends on course materials updated 'whenever, if-ever', is it any surprise if newcomers get the impression that information security is unimportant, not a priority? |
| Envoyé | Oui |
| Condensat | get if instead much 101 101/introductory abreast actively adapt any appropriate are ark august awareness back batch battles beat because been being big bored brief briefings bullet byod can challenge chances check choosing circumstances coffee conceptual confidentiality content course current customer customers customize cutting cybersecurity damaged deck dedicated deliberately delivering depends development diagrams dog don each eared edge editable emerging encourage even ever extras fact fairly field fine forward from fun gdpr gently get getting given have high hinting imagery implications impression include includes incorporating indeed induction information infosec invest iot issues just keeping know large last least less level like limited literally longer looking lot maintaining make management maps material materials mature mid mind misses module months more most nblog need needs new newcomers news not noticebored offer old one organization other out outdated over people perhaps picking pictures place points policies posters prefer priority privacy proactively process program providing provoking quality quite ransomware realisation reams recommend refreshing related relatively relevant research resources revised rise running same say security seminar set should simply since sized slide slides small smell someone specific spend sprang starters stiff stuff subscribers subtle superficial supplied surprise tailored tedious text than that the infosec then there those thought time tired today training unimportant update updated useless using valued very wake water waves way whenever whole wide wish witnessed work works worse would year years your |
| Tags | |
| Stories | |
| Notes | |
| Move | 
|
L'article ne semble pas avoir été repris aprés sa publication.
L'article ne semble pas avoir été repris sur un précédent.