Previous posts in this series: http://advanced-engagement.com/mature-security-awareness-programme/ AND http://advanced-engagement.com/create-security-awareness-strategy/
Why create a security awareness strategy guide?
You’re avoiding common security awareness mistakes, most noteworthy not attempting to give face to face training to all staff. As a result it is common at this stage to start looking for a vendor to fulfil your needs.
We’d caution you to take stock and create a Security Awareness Strategy.
There are a number of good reasons for this including:
- It forms a document against which all of your efforts can be measured
- Your stakeholders can explicitly buy into the strategy
- It includes specific success criteria which aligns with reality, i.e. culture change won’t happen in a week!
Especially relevant to any activity that relies on communication is stakeholder buy-in. This is a key element of the guide. As a result you’ll have key artefacts you can use when initially engaging stakeholders.
If we’ve whet your appetite please fill in the form that pops up on this page. Subsequently, we’ll email you a copy of the guide.
Using the guide
We’ve structured this how-to guide in terms of the steps you should take rather than how you might choose to present the final strategy. For example, to present the strategy to stakeholders for authorisation you may want to put the Objectives and Goals sections at the beginning. Iteration is a good approach to use with this guide.
You are free to use this guide but please attribute where appropriate. We’d also appreciate any feedback including success stories to firstname.lastname@example.org
If you enjoyed this post please come back regularly. We’ll update you on upcoming information of security awareness events across Scotland and further afield. @adv_engage