Page 9 - Cyber-Security-Awareness-Program _Methodology_eBook_InfoSight
P. 9
Metrics and detailed reports are essential to Officers and directors are under
success. They provide continual input for the a legal obligation to involve
improvement of the program and related cyber themselves in information
security awareness activities. security. New federal regulations
and state laws impose obligations
Metrics identify gaps where targeted training may be on all officers and directors to
needed. Social engineering reports and course quiz assume an active role in
data identify areas of weakness that require establishing correct governance,
attention. management, and a security
awareness culture within their
Assess advancements in the threat landscape on a organizations.
continual basis and adjust content accordingly.
At least annually, review any new additions or
modifications to company policies and/or
procedures that need to be incorporated or
changed within your program.
To reinforce your cyber security awareness effort,
decide whether changes need to be made to
security technologies in use.
All security awareness programs are unique to each
organization. As such, each program takes on a
different form and may be carried out in a variety of
ways to meet the needs of your organization.
The materials offered by InfoSight Inc. provide a solid
foundation upon which the individual program can
be tailored, modified and expanded upon and
customizations that best suit your business
environment can be made.
9 Cyber Security Awareness Programâ„¢, InfoSight Inc. 9