Over the years while working with organisations from the very small in scale to the very largest we have noticed consistently that the Process and Technology elements of Security are the focus of information security programmes, while the People side of things is left behind as a nice to have or something that should be considered once the other elements have been largely addressed.

Security Awareness BMIS Triangle

There seem to be several reasons for this, including:

  • The difficulty of articulating the reduction of risk or return on investment;
  • Lack of skill set;
  • The self-fulfilling perception that Security is a back-office function that deals with technology and keeps quiet;
  • Let’s be honest, some would rather buy some new technology to play with than tackle a somewhat more subjective “soft” subject.

We deliver highly engaging Security Awareness Programmes from our platform.

As a function within any organisation, Security, whose role is to understand and reduce risks related to security threats, competes with many other priorities such as marketing, increasing revenue and R&D, to name but a few. With the continued growth of Cybercrime and other threats, the tide continues to rise against organisations who are not prioritising security in line with the threat faced.

In these circumstances, the rational approach is to consider all activities that could be used to mitigate risk. The use of security awareness training can be a powerful tool in that regard, the better the behaviours of the organisation the less likely it is that a Phishing link will be clicked or that sensitive information will be sent out of the organisation without the protection it needs.

All of this makes sense but how is a security manager to make sure the right messages are being communicated, how are they to make sure the messages are delivered in a way that people will pay attention to and how to make sure that organisational behaviours are changed for the better?

Advanced Engagement came into being to address those questions. We deliver highly engaging Security Awareness Programmes from our platform as well as working with organisations to help them understand the culture from a security perspective and work with that knowledge to communicate with the organisation in a better way (https://www.advanced-engagement.com/#services).

If you enjoyed this post please come back regularly for further updates including upcoming information of security awareness events across Scotland and further afield. @adv_engage