Your part in the process: using NoticeBored to raise awareness
Security awareness is probably just one of
several important things your list of priorities. With a stream of content available on tap, running a best practice security awareness program is no longer such a chore. NoticeBored releases you
from the burden of researching and preparing high quality awareness materials so you can concentrate what little time you have on the most beneficial and rewarding part: interacting with
Naturally, it is up to you how to use the materials. You have many options. The train-the-trainer guide in each module offers our suggestions, starting with checking through the module to pick out
items suitable for your organization.
Customizing the materials can range in scale from doing nothing at all, up to re
-branding and perhaps blending-in awareness content from other sources. As supplied, the materials encourage employees to ask questions or report
security incidents and concerns through Help Desk. You may have a different name for the contact point, perhaps a dedicated email address and phone
number - simply replace “Help Desk” as appropriate. Likewise with “Information Security” and so on - we use such terms consistently to make it easier for you to find and replace them.
The model security policies and procedures, job descriptions/role outlines, and security metrics discussion papers are all intended to be considered by
your management. We don’t know exactly how things work in your organization, but we have a pretty good idea of what constitutes good security practice, partly due to our long-standing involvement with the ISO/IEC 27000 series standards.
Deploying the materials across the organization may involve circulating selected items online, through email or on paper. Printing and distributing the
posters, briefings, diagrams and crosswords on paper as desk-drops, leaflets and handouts takes the awareness program to employees who are not chained to their PCs - remember this is information security not IT security. Even the janitor has a role in information security!
If you are seriously pushed for time, you might just publish selected NoticeBored materials on your intranet, keeping the site fresh and topical. Maybe you
could contribute an information security column for your staff magazine, or a topical update section in Information Security’s regular management reports - perhaps something that you would love to do now if only you had the time to create the content!
NoticeBored complements the rather drab, lifeless, limited and often badly outdated content normally provided in Learning Management Systems: simply
cut-n-paste fresh content into your LMS and/or provide supplementary course materials to students, deepening and extending the learning experience beyond the screen.
Given the choice, we recommend the personal touch such as delivering awareness seminars, workshops, training sessions and meetings. How about
delivering a short ‘information security update’ at management meetings? The case studies, quizzes and other interactive events turn boring lectures into
lively and memorable experiences, with plenty of opportunity to think, laugh and ask questions. As well as passing security awareness messages across
to your colleagues, face-to-face contact gives them the opportunity to raise concerns, a bidirectional information exchange that keeps Information
Security in-tune with the business. Building your social network of security ambassadors or awareness helpers, and interacting with employees
throughout the organization, drives information security to the next level in building your corporate security culture.
Find out what we achieve by working together