Page 5 - Cyber-Security-Awareness-Program _Methodology_eBook_InfoSight
P. 5

In the planning phase, you will decide on the                 Awareness training can ensure personnel
ownership, roles and responsibilities of the individuals      have a solid understanding of their
who will be involved in the program. You will also            employer’s security practices and
secure the funding and executive level support                policies. In contrast, one uninformed
needed for a successful program.                              individual can do substantial harm to an
                                                              organization’s systems and place its data
• Involve upper management. When upper                        and reputation at risk.
     management says security is important and practices
     what he/she teaches, people take notice. The same
     goes for all administrators and managers down the

• Appoint the right person to lead the charge. Dedicate
     at least one person to focus 100 percent of their
     energy on cyber security awareness across the
     organization. This person needs to be an individual
     who communicates well and knows how to sell,
     market, and build relationships.

• Do your research. Understand the target audiences
     and their organizational culture in order to customize
     your message for greater retention. Different levels of
     training are likely needed for different job functions.

• Build relationships. Security messages must permeate
     the enterprise for the awareness program to be
     successful. With minimal resources to carry out the
     program, it’s important to build strong relationships,
     engage influencers, and nurture those connections.

• Create ambassadors. Cyber security ambassadors are
     the individuals in your organization who are willing to
     evangelize cyber security awareness and directly
     influence behavior change.

Determine your budget for the program, including the
purchase of cyber security awareness materials such as
online learning courses, articles for your website,
newsletters, videos, posters, email campaigns, games and
other educational content.

5 Cyber Security Awareness Program™, InfoSight Inc.           5
   1   2   3   4   5   6   7   8   9   10