5. Security awareness screensavers 5 PC screensavers
These screensavers make handy security reminders for new employees’ first few days at work, or to accompany the awareness program launch. As with all the NoticeBored materials, you are welcome to pick
one, several or none depending on your requirements. You can also customize the screensaver contents - contact us for simple instructions.
-
Three screensavers step sequentially through the slides from the three Information Security 101 seminar presentations (items #1, 22 and 30).
-
One steps through the security awareness program launch slides (item #2).
-
One displays the poster images (item #3) in a random sequence.
6. Information Security 101 awareness briefing 1 page
A succinct leaflet with the bare minimum of basic information security advice for general employees. Condensing information security to the essentials avoids overloading people with information on their first
day at work, whilst introducing them to the breadth of advice available from your Information Security function, CIO and/or IT Help/Service Desk.
7. Information Security 101 case study 2 pages
The case concerns a simple error that leads to a security incident. The case study consists of a brief paragraph describing the scenario, followed by 4 questions for attendees to consider and then discuss. We
also supply a set of ‘model answers’ in case the teacher needs some prompts to get the discussion going.
8. Information Security 101 staff top tips 1 page
Ten top information security tips for employees, plus a mind map for those who prefer pictures to words.
9. Information Security 101 guideline on choosing good passwords 1 page
The guideline encourages people to choose strong yet memorable passwords, and keep them secret.
10. Information Security 101 bookmarks x4
This is simply a set of double-sided bookmarks with basic security tips on one side and apt security quotations on the reverse. These make cheap but useful freebies to give out on day 1.
11. Information Security 101 jumbo crossword puzzle ~180 words
The jumbo crossword puzzle gives clues to lots of commonplace information security terms, making it substantially more difficult than the normal monthly NoticeBored puzzles. New employees may need some
assistance to solve the crossword - perhaps their new work colleagues would be able to help? We provide the solution too, just in case you’re stuck for answers.
12. Information Security contact card with the ten security commandments 1 page
A double-sided but credit-card-sized Word document reminds people of Information Security’s Ten Commandments and has emergency contact information in case of security incidents.
13. Information Security 101 FAQ 1 page
Provides the answers to frequently asked basic questions about information security.
14. Information Security 101 reminder postcard 1 page
The postcard reminds employees about their information security obligations a little while after they have undertaken the Information Security 101 session.
15. Information Security 101 security awareness survey form 1 page
Use the survey form to assess the level of security awareness of new recruits and get their feedback on the induction process. If you are about to launch your awareness program, a preliminary awareness survey can
provide baseline metrics to demonstrate the gradual improvement as your program takes effect.
16. Information Security 101 awareness test 1 page
Check that employees understand and can recall the basic security awareness messages included in the module with this quick test. The four questions can be incorporated into online Learning Management Systems.
17. Information Security 101 glossary 50 pages!
Explains information security terminology - the jargon security professionals sometimes take for granted. This Word document contains numerous hyperlinks to the definitions of specialist terms used in other
definitions, and as such is ideal for publication on Information Security’s intranet Security Zone (see item #33).
18. Information Security pledge 1 page
If you need employees to acknowledge their security obligations formally, this ‘security pledge’ goes further than the usual boring ‘Sign here to confirm that you have read the security policy’ form.
19. Information Security 101 course completion certificate 2 pages
Show your appreciation for students completing the course with a fancy certificate plus a covering letter from the Information Security Manager.
20. Information Security 101 hyperlinks collection online
The InfoSec 101 module contains a link to an HTML page of annotated hyperlinks pointing at relatively straightforward general-purpose information security resources on the Web.
Stream B: Basic security awareness materials for managers
21. Information Security 101 diagrams x6
These colorful diagrams give a graphical high-level overview of the key aspects of information security for general employees, managers and IT professionals. The mind maps make explicit the conceptual
connections between various aspects of information security. The risk-control spectrum diagram outlines
the broad range of information security issues. The diagrams are used to illustrate several other items in the InfoSec 101 module: we provide the Visio originals so that customers can easily adapt the content if
they wish.
22. Information Security 101 management seminar 12 slides with speaker notes
Introduce managers to their key governance responsibilities relating to the protection of information assets.
23. Information Security 101 board agenda 1 page
Ask experienced senior executives for tips on how to make the security awareness program a success ... and in the process, inform them about the new program and remind them that information security is a
strategically important issue for the organization.
24. Information Security 101 management briefing 1 page
A glossy leaflet on the basics of information security, intended as an easily-digested take-away from the induction/orientation session or awareness program launch.
25. Information Security 101 top tips for managers 1 page
Ten top security tips with a management slant.
26. Model Corporate Information Security Policy 5 pages
An overarching information security policy based on international security standards ISO/IEC 27001 & 27002, containing 7 guiding principles and 39 policy axioms. [The policy is fully aligned with our Information Security Policy Manual.]
27. Executive briefing on Acceptable Use Policies 1 page
Explains the purpose and value of security-related Acceptable Use Policies and Codes of Conduct to
senior managers. People often confuse these with plain “policies” but they are more like guidelines in fact.
28. Management briefing on information security metrics 12 pages
White paper/briefing paper discusses factors affecting the selection and use of management metrics to measure and systematically improve information security. This general introduction sets the scene for the
topic-based metrics papers provided in the monthly NoticeBored modules.
Stream C: Basic security awareness materials for IT professionals
29. Information Security 101 newsletter 7 pages
The introductory level NoticeBored newsletter explains how the awareness program is structured and lists the topics that the program is anticipated to cover.
30. Information Security 101 technical seminar 12 slides with speaker notes
An introduction to information security basics for IT professionals who, oddly enough, often seem to lack
any formal training in the fundamentals of security, despite their technical training and IT expertise.
31. Information Security 101 technical briefing 1 page
A succinct briefing paper providing IT people with a gentle reminder of their security duties to take away from their first day at work.
32. Information Security 101 top tech tips 1 page
Ten semi-technical but eminently practical information security tips for technologists. Short and sweet.
33. Design specification for “The Security Zone” 14 pages
A detailed design specification for an information security awareness-focused intranet site, drawing on our experiences with numerous Internet and intranet Websites (including this one!). Even if you have an
information security site already, the ideas in this paper may suggest improvements to the structure, content and/or utility of the site. Maybe it’s time to refresh, re-brand and re-launch yours?
34. Information Security 101 technical briefing on baseline security controls 4 pages
This describes a reasonably comprehensive suite of “baseline” information security controls that would form a decent foundation for an Information Security Management System.
35. Information Security 101 internal controls review checklist 6 pages
In contrast to crude compliance tick-lists anticipating simple yes/no answers, our audit-style checklist poses open-ended questions and is primarily intended for use by qualified and competent information security
management and IT audit professionals. Use the checklist to review your basic information security controls quickly as a prelude, perhaps, to an ISO27k ISMS implementation (i.e. a “gap analysis”), or simply to find
out how mature your organization is in relation to the way others manage information security.
Information Security 101 module directory listing
Buy Information Security 101
Information Security 101 is available at a special price of just US$645. Check out our samplers
demonstrating the nature and quality of the materials provided in the module. Once you decide it’s right for you, please contact us to start the ball rolling.
By the way, Information Security 101 is provided at no extra charge to customers of the NoticeBored security awareness subscription service. If you are not quite ready for a NoticeBored subscription, start with
Information Security 101. If you like it enough to take up a NoticeBored subscription within 6 months, we’ll even refund the $645.
How to use Information Security 101
The 10-page awareness activities/train-the-trainer guide included in Information Security 101 suggests how to make best use of the awareness materials, and includes a bunch of ideas to make your awareness
program a great success.
While all our awareness materials are “camera ready” and finished to a consistently high level of quality, they
are necessarily generic. Since your organization’s awareness needs are unique, they are supplied as ordinary unlocked MS Office files. You can easily make any necessary changes for example:
-
Replacing the NoticeBored logo with your own security awareness logo and where necessary adopting a “house style” through formatting cues such as fonts, headings etc. This is a useful way to link all the
materials into a single coherent and instantly recognizable program, something marketing professionals consider important elements of “branding”. We apply our own templates to replicate the same
NoticeBored look on all the materials, using Word’s ‘styles’ consistently to make any subsequent styling changes much easier for you;
-
Adding contact details (phone numbers, email addresses, pager numbers, internal mail addresses ...)
for your information security people plus colleagues in related functions such as physical/site security, IT, Legal, HR, Compliance and others, in particular the Help Desk commonly used for reporting
information security incidents as well as requesting advice on basic security matters;
-
Referring to applicable corporate security or other policies, standards, procedures, guidelines and
awareness/guidance materials supplementing those provided in the module. Where appropriate, you may also choose to remind employees of their legal and regulatory compliance obligations in relation to
privacy, governance, copyright, PCI-DSS, SOX, FISMA, HIPAA, GLBA etc.;
-
Incorporating other awareness and training content, including pre-existing materials developed in-house and perhaps complementary materials from our competitors;
-
And finally of course, adopting the NoticeBored materials as part of your Learning Management System (LMS), Content Management System (CMS), security training courses, new employee goody packs
and so forth.
Thereafter, we heartily encourage customers to measure the effectiveness of the orientation process, ideally as part of a comprehensive information security awareness program that incorporates suitable awareness
and other information security metrics. Security awareness is not a “fire-and-forget” operation but benefits
from frequent care and attention, for instance incorporating changes in the compliance obligations and more
generally in the information security risks facing the organization. That’s precisely why we provide security awareness tests and metrics papers in the regular NoticeBored monthly modules ...
|