Page 9 - Cyber-Security-Awareness-Program _Methodology_eBook_InfoSight
P. 9

Metrics and detailed reports are essential to            Officers and directors are under
success. They provide continual input for the            a legal obligation to involve
improvement of the program and related cyber             themselves in information
security awareness activities.                           security. New federal regulations
                                                         and state laws impose obligations
Metrics identify gaps where targeted training may be     on all officers and directors to
needed. Social engineering reports and course quiz       assume an active role in
data identify areas of weakness that require             establishing correct governance,
attention.                                               management, and a security
                                                         awareness culture within their
Assess advancements in the threat landscape on a         organizations.
continual basis and adjust content accordingly.

At least annually, review any new additions or
modifications to company policies and/or
procedures that need to be incorporated or
changed within your program.

To reinforce your cyber security awareness effort,
decide whether changes need to be made to
security technologies in use.

All security awareness programs are unique to each
organization. As such, each program takes on a
different form and may be carried out in a variety of
ways to meet the needs of your organization.

The materials offered by InfoSight Inc. provide a solid
foundation upon which the individual program can
be tailored, modified and expanded upon and
customizations that best suit your business
environment can be made.

9 Cyber Security Awareness Programâ„¢, InfoSight Inc.      9
   4   5   6   7   8   9   10