April’s awareness topic is security innovation

Introduction and scope

Wanted: security innovator THUMBNAILA key security awareness message for April is that we cannot afford to let the bad guys get too far ahead of us, which leaves us no option but to innovate at a similar rate as them, maintaining and updating our information security, getting creative at times to address the risks in the most effective manner.

“To keep innovating successfully, organizations must:

  • Invest in state-of-the-art programs that enable the company to outmaneuver adversaries instead of spending more on existing programs.
  • Refuse to stand still when it comes to cybersecurity; organizations need to innovate continually to stay ahead of potential attackers”

Accenture Security Index

We also need help to spot, report and respond to emerging dark-side threats, a valuable rôle for our extended family - the social network of information security professionals, friends and contacts, both within and without the organization.

That need stimulated our creative juices to design the wanted poster ->

The awareness module sneaks a sideways glance at the information risks and controls associated with the process of innovation.  Intellectual property rights are the subject of a complete NoticeBored module so this month a brief mention will suffice without going off at a tangent and getting bogged down in the mire of, say, patents and licensing.

Learning objectives

The latest NoticeBored module aims to open workers’ eyes to innovation and creativity on the Dark Side (e.g. new ways for hackers, criminals and fraudsters to target, mislead, compromise, defraud and exploit both organizations and individuals) and explore innovation and creativity on the Light Side (e.g. new ways to secure personal and corporate information, new security technologies and services etc.).

Think about your awareness objectives in relation to security innovation and creativity.  Are there specific business concerns or goals in this domain, or more broadly?  Is innovation a strategic issue, for instance a part of your corporate mission?

This topic is likely to be of interest to business departments or functions with a strong creative brief (e.g. Research & Development, Marketing) and HR.  Hunt down any recent or ongoing innovative business projects, products or initiatives, quizzing the managers/leaders for information about the innovation and security aspects.  Incorporating notable comments, challenges, achievements and anecdotes is an excellent way to customize the generic NoticeBored content for your organization.  Can you persuade your contacts to help present/deliver the awareness messages in person?  If not, will they at least spare an hour to comment on and contribute to the awareness materials? 

Inside the NoticeBored module

The April module is an 80 Mb ZIP file containing  the following awareness materials:

Security innovation module contents

That listing only briefly outlines the content.  Discover the thought that went into creating the individual items, and how the whole module evolved, through the NoticeBored blog.  We’re blogging right through April as we prepare the May module, so track the blog to keep up with developments.

Building a security culture through awareness

A security culture involves everyone in the organization, top to bottom, collectively valuing, protecting and (where appropriate!) exploiting information. 

Subscribe to NoticeBored for fresh perspectives on information risk and security within the corporate context.  NoticeBored picks up on the strategic, governance, compliance and business aspects, particularly in the management stream of course but the principles underpin the general staff and professional streams too.  Information is a valuable and yet vulnerable asset that needs to be protected for sound business reasons.

Home > NB this month >

Copyright © 2017 IsecT Ltd.