Read NBlog, the NoticeBored blog
Click the banner for the site map of NoticeBored.com, the information security awareness service
About NoticeBored

Creative security awareness content from NoticeBored

NoticeBored is our innovative subscription service.  Every month we supply a a new module, a fresh batch of awareness materials for your staff, managers and IT professionals, each module covering a different information security topic. 

Three Es model

A NoticeBored subscription helps you:
 

  • Establish the requirements for information security in policies based on assessing the risks, and make your employees aware of their compliance obligations;
     
  • Educate employees on the security requirements and their obligations through continuous awareness and compliance activities throughout the year; and
     
  • Enforce the rules defined in policies, standards, procedures and guidelines with compliance activities, coupled with learning, feedback and continuous improvement using “near-misses” as well as actual information security incidents.

 

Use our high quality, engaging awareness materials to kick-start your information security awareness program, and make security a regular part of the business.  Build and maintain a high level of security awareness all year long - not just for the short period following an annual awareness training session.  Establish a genuine, deep-rooted security culture by:

  • Informing employees about current information security risks, illustrating them through topical news stories about real-world incidents;
  • Explaining, justifying and promoting good practice security controls through commonsense security policies, procedures, guidelines, briefings, seminars, posters etc.;
  • Describing information security roles, activities and obligations, promoting accountability and responsibility, and positioning security compliance as something that benefits both the individual and the organization;
  • Encouraging employees to think and talk openly about information security matters, making it more visible and approachable and achieving consensus on acceptable security practices;
  • Gaining employees’ active participation in the organization’s security infrastructure, gDownload the NoticeBored product data sheet (PDF)oing beyond simply ‘being aware’ by motivating employees to act more securely;
  • Growing and maintaining employee’s interest in information security over the long term, avoiding boredom by continually covering fresh topics;
  • Measuring progress on security awareness - testing knowledge, comparing parts of the business and generating metrics to drive information security improvements;
  • Most of all, turning good security practices into a subconscious habit, ‘the way we do things here’.

Find out what makes security awareness so important, and why it’s our passion, in our popular white paper on the value of security awareness.  The NoticeBored product data sheet PDF file covers the main features.  Browse this part of the website or contact us for more details.

 

A quote from a

 

Next generation security awareness

Information security awareness is what we do, it’s our passion.  You probably have other things that fire your imagination and that’s fine, but think of us first when someone suggests you really ought to have a security awareness program.

We are proud to have been acknowledged as a “best practice expert” in security awareness by ENISA, the European Network and Information Security Agency.  Our Business Case for an Information Security Awareness Program contributed to ENISA’s Users’ Guide: How to Raise Information Security Awareness.  The Users’ Guide expands considerably on our white paper with helpful advice to small companies on how to plan and establish security awareness programs.

While we don’t sell security technologies such as antivirus and firewalls, we have absolutely no problem with organizations using them as part of their information security management systems.  NoticeBored fills in the gaps between the technologies, tackling the human factors - those awkward and ill-defined issues that technology alone cannot solve.  But the best kept secret is that we also support and leverage those very same technologies by helping IT professionals and general managers appreciate their part in the bigger picture.  Do your IT people and managers understand the pivotal role they play in information security?  Or is security just another annoying barrier to them, something to be bypassed or avoided whenever possible?

Chris Potter, leader of the excellent biannual UK information security breaches survey, described the lack of security awareness as one of the biggest ongoing issues revealed by the survey. “The survey shows that staff are increasingly targeted by social engineering attacks (where outsiders try to obtain confidential information from employees).  In addition, businesses are becoming increasingly concerned about what is being said about them on social networking sites (such as MySpace, Facebook and Bebo), and some staff have posted confidential information on these sites.  This is a pretty dangerous combination.  Fortunately, there is some good news.  Companies are hardening their technical controls ... In addition, the proportion of companies that have an information security policy has quadrupled over the last eight years.  Most companies take active steps to tell their staff about their security policy and the risks they face.  However, companies are realising that increasing security awareness is only part of the answer.  The critical issue is changing people’s actual behaviour.  Too many users have a ‘click mentality’ - they become blind to warning pop-up boxes and do what expedites their current activity rather than what they know they ought to.  It is a bit like the road speed limit - everyone knows they shouldn’t speed, but many people go ahead and do so.  So, the agenda seems to be moving on from simple ‘first generation’ security awareness and onto ‘the next generation’ of behavioural change.  Many information security specialists, while knowledgeable about policy and technical issues, lack the skills to deliver true behavioural change into their businesses.  Only by working with other specialists, such as the marketing and HR functions, and by embedding security into the mantra of the middle manager, will businesses realise the benefits of a security -aware culture.”  Hear hear Chris!

Quoted from Deloitte's 2009 survey

NoticeBored promotes information security continually, year-round.  Aside from the awareness materials themselves, we suggest awareness activities, using techniques from marketing/advertising and education to both extend and deepen the awareness program’s reach and build a strong security brand.  Rather than simply broadcasting security imperatives at employees, draw on our creative energy to actively engage them as integral parts of the information security management system.

Find out lots more about NoticeBored in this section of the website.
Home > About NB >

Copyright © 2013  IsecT Ltd.