One Article Review
| Source |  NoticeBored |
|---|---|
| Identifiant | 459428 |
| Date de publication | 2018-01-19 15:30:23 (vue: 2018-01-19 15:30:23) |
| Titre | NBlog January 18 - the business case for security awareness |
| Texte |  A day or so ago I wrote about organizations being pressured into security awareness for compliance reasons. With some exceptions, compliance is externally imposed and doesn't directly benefit the organization through increased profits - rather it avoids or reduces the losses and costs (including penalties) associated with noncompliance. That is still a financial benefit but with negative, oppressive connotations. Today I'm moving on to more positive, profitable matters, the business benefits arising from security awareness and training, of which there are several:Better recognition and identification of information risksMore appreciation and understanding of information risksFewer, less costly incidentsBetter governanceGreater organizational and personal resilienceOrganizational learning and sustained improvement (maturity)A genuine, deep-rooted and all-encompassing corporate security cultureDeterrenceGetting the most out of other information security controlsOther spin-off benefits e.g. inventories of information assetsYou may have spotted an underlying theme, in that most of the benefits of security awareness and training stem from better information risk management. In a sense, awareness is 'just another security tool', but one with a multitude of applications, more Swiss multitool than hammer.I am fleshing out all those bullet points into a template "Business case for an infor |
| Envoyé | Oui |
| Condensat | that today with about ago all another applications appreciation are arising article assetsyou associated avoids awareness being benefit benefits better bullet business but case compliance connotations controlsother copy corporate costly costs culturedeterrencegetting day deep directly doesn email encompassing exceptions externally february financial finished fleshing from genuine governancegreater hammer have heights help identification imposed improvement incidentsbetter included including increased information inventories january just learning less list for losses love management matters maturity may me to module more most moving multitool multitude nblog negative new noncompliance noticebored off one oppressive organization organizational organizations other out penalties personal persuade points positive pressured profitable profits program rather reasons recognition reduces resilienceorganizational risk risksfewer risksmore rooted security sense several:better some spin spotted stem subscription sustained swiss take template than theme those through tool training underlying understanding which wrote your |
| Tags | |
| Stories | |
| Notes | |
| Move | 
|
L'article ne semble pas avoir été repris aprés sa publication.
L'article ne semble pas avoir été repris sur un précédent.