We offer these white papers to demonstrate the quality and style of our writing, to encourage you to plan and execute your own information security awareness program and to give something back to the Internet
community that gives us so much. We hope you find them valuable. Do let us know if you would like further information, or if you want us to write or publish something on a specific information security topic. We write a lot. It’s what we do, our passion.
Security awareness professionals - job descriptions
A set of three template/generic job descriptions for professionals to manage and deliver your security awareness program. [Further templates for other
information security roles are provided most months in the NoticeBored awareness modules.]
7 steps to security awareness
If you think you might like to run a security awareness program but are not sure where to start, take a look at our white paper. We outline the process for
drawing up your requirements, evaluating and selecting suitable solutions and so leading up to the point where you can launch your program. This is a generic process description, not specific to NoticeBored.
Human factors in information security
A short paper succinctly summarizes the innovative concepts underlying the NoticeBored service.
Raising security awareness through marketing
Using a simplified seven-step process, this white paper describes the application of marketing techniques to information security awareness. Branding
information security as something that people perceive as inherently valuable and worthwhile is a powerful way to persuade them to behave more securely.
Just what is so important about information security awareness anyway and, by the way, is security awareness enough? This white paper explores the
thinking behind NoticeBored, and includes a growing collection of sage comments relating to security awareness from experts in the field.
Security awareness business case
Here is a generic cost-benefit justification for investment in a structured security awareness program. Even if you do not intend to become a NoticeBored
subscriber, you will hopefully find the ideas in this paper useful if you need to persuade your management to invest in security awareness (although we
are confident your program won’t be quite so cost effective as one based on NoticeBored!).
7 myths about security metrics
A white paper on information security metrics, originally published in the ISSA Journal, dismantled seven common myths about security metrics and went
on to outline a rational process for selecting useful metrics. The paper in part inspired the book PRAGMATIC Security Metrics.
NB: unlike many other Websites, we don’t require you to submit any personal information to download our papers. Our work is protected by copyright. Please respect our intellectual property rights.
Plagiarists beware! A top team of IPR lawyers has had great success so far in protecting our rights. Intellectual property is close to our hearts. Don’t mess with us. We bite back.