Monday, June 2, 2014
CISOs Reveal Top Firms Failing on Security Awareness Training
Is this a failure of will, or of process, or of failing to enforcement policies and procedures? There's something to be said about a draconian approach to enforcement. Touchy-feely really doesn't work.
With resources like these books available, there's no reason for this failure.
Managing an Information Security and Privacy Awareness and Training Program, Second Edition
Asset Protection through Security Awareness
Here's a partial list of available articles:
Why Information Security Training and Awareness Are Important
The ABCs of a Persuasive Security Awareness Program
Implementing an Information Security Awareness Program