Your part in the process: using NoticeBored to raise awareness

NoticeBored process - your partSecurity awareness is probably just one of several important things your list of priorities. With a stream of content available on tap, running a best practice security awareness program is no longer such a chore. NoticeBored releases you from the burden of researching and preparing high quality awareness materials so you can concentrate what little time you have on the most beneficial and rewarding part: interacting with your colleagues.

Naturally, it is up to you how to use the materials. You have many options. The train-the-trainer guide in each module offers our suggestions, starting with checking through the module to pick out items suitable for your organization.

Customizing the materials can range in scale from doing nothing at all, up to re -branding and perhaps blending-in awareness content from other sources. As supplied, the materials encourage employees to ask questions or report security incidents and concerns through Help Desk. You may have a different name for the contact point, perhaps a dedicated email address and phone number - simply replace “Help Desk” as appropriate. Likewise with “Information Security” and so on - we use such terms consistently to make it easier for you to find and replace them.

The model security policies and procedures, job descriptions/role outlines, and security metrics discussion papers are all intended to be considered by your management. We don’t know exactly how things work in your organization, but we have a pretty good idea of what constitutes good security practice, partly due to our long-standing involvement with the ISO/IEC 27000 series standards.

Deploying the materials across the organization may involve circulating selected items online, through email or on paper. Printing and distributing the posters, briefings, diagrams and crosswords on paper as desk-drops, leaflets and handouts takes the awareness program to employees who are not chained to their PCs - remember this is information security not IT security. Even the janitor has a role in information security!

If you are seriously pushed for time, you might just publish selected NoticeBored materials on your intranet, keeping the site fresh and topical. Maybe you could contribute an information security column for your staff magazine, or a topical update section in Information Security’s regular management reports - perhaps something that you would love to do now if only you had the time to create the content!

NoticeBored complements the rather drab, lifeless, limited and often badly outdated content normally provided in Learning Management Systems: simply cut-n-paste fresh content into your LMS and/or provide supplementary course materials to students, deepening and extending the learning experience beyond the screen.

Given the choice, we recommend the personal touch such as delivering awareness seminars, workshops, training sessions and meetings. How about delivering a short ‘information security update’ at management meetings?  The case studies, quizzes and other interactive events turn boring lectures into lively and memorable experiences, with plenty of opportunity to think, laugh and ask questions. As well as passing security awareness messages across to your colleagues, face-to-face contact gives them the opportunity to raise concerns, a bidirectional information exchange that keeps Information Security in-tune with the business. Building your social network of security ambassadors or awareness helpers, and interacting with employees throughout the organization, drives information security to the next level in building your corporate security culture.

Find out what we achieve by working together

 

HomeAbout NB > Your part in the process >

Copyright © 2016 IsecT Ltd.