Unless you actually meant to call up the NoticeBored site map, you have probably just followed a dud hyperlink.  This is an actively-managed website that changes frequently.  The page you were seeking is probably still lurking here somewhere ... look through the pages listed below, start over at the home page or else try searching for it:

Search NoticeBored.com

Home home on the range

About NoticeBored

This section introduces and explains NoticeBored, our security awareness subscription service:

• About NoticeBored - general information on our flagship subscription-based awareness product
• Product Data Sheet - something to show the budget holders when pleading for resources
• NoticeBored features - what are the main elements of the product?
• NoticeBored audiences - describes the three streams of material targeting three distinct audiences
• NoticeBored topics - outlines the information security topics covered
• NoticeBored samplers - typical NoticeBored awareness materials
• Using NoticeBored - explains how customers incorporate our creative content into their security awareness programs
• NoticeBored is unique! - contrasts NoticeBored with more traditional awareness approaches
• NoticeBored business benefits - what will NoticeBored do for your organization?
• NoticeBored customers - what makes a typical NoticeBored subscriber? 
• NoticeBored back catalog - turbo-charge your program with a complete security awareness library
• NoticeBored prices - outstanding value for money from the most cost-effective form of security

NoticeBored this month

Describes the latest security awareness module for NoticeBored subscribers.

Information Security 101

A special foundation-level security awareness module covering the basics of information security for use in security induction/new employee orientation classes, and to help new customers launch their security awareness programs.

 

Security awareness posters

New security awareness posters are supplied to NoticeBored customers electronically every month as high resolution image files.  The awareness posters are designed to generate interest in the month’s information security topic and are, of course, supported by the remaining awareness materials.  Buy them separately if you only need eye-catching graphic images.

Information security policies

Faced with the need for information security policies, it is tempting just to write a few policies covering the most obvious “security issues” while ignoring the rest.  A more professional approach involves assessing the organization’s information security risks and developing a comprehensive policy suite, systematically addressing all the material security risks.  To get you off to a flying start, we offer:

• A high-level Corporate Information Security Policy, aimed at senior management;
• An Information Security Policy Manual based on the advice in ISO/IEC 27002, aimed at information security, governance, control, risk management, compliance and assurance professionals;
• A set of more than 40 Topic-based Information Security Policies, written for general employees;
• An FAQ explaining more about the policies and how they are usually deployed.

White papers

While these papers are published and made available on the Web for you to read without charge, we retain our intellectual property rights (copyright) on them.  Plagiarists beware: we have a crack team of IPR specialist lawyers in reserve and we’ve taken action successfully against those who have stolen our intellectual property in the past.

• 7 myths about security metrics - discusses the key choices when designing a system to measure and report on information security
• 7 steps to security awareness - hints and tips on the process of planning and initiating an awareness program
• Business case for an information security awareness program  - a generic paper expounds the cost -benefit argument.  Useful ideas for your own budget or investment proposal perhaps?
• Creating a security culture - purely raising awareness is not a worthwhile end in itself!
• Data center physical security - tips for securing physical access and environmental services for data centers
• Human factors in information security - a white paper explains why it is so important to address human beings as an essential part of any information security management system or framework
• Information Security Policy, Awareness and Compliance Manager job description
• ISO/IEC 27001/2 - explains how NoticeBored relates to ISO/IEC 27001 and 27002, the ISO/IEC international standards for Information Security Management Systems
• The value of information security awareness? - numerous quotes and reasoned analysis support the need for a more creative and effective approach to security awareness

Book store and book reviews

Browse through our virtual bookstore showcasing our favorite information security books.

We have read these books mostly in the course of researching the security awareness modules and share the reviews here for the benefit of customers and other keen readers:

• Asset Protection through Security Awareness is a lightweight introductory-level text
• Building an Information Security Awareness Program - Mark Desman’s book has some good ideas if you can face reading it
• Computer security - 20 things every employee should know - a handy little security booklet, useful as part of a security awareness program
• Computer Security for the Home and Small Office - security advice for the Small Office/Home Office owner
• Corporate Espionage - Ira Winkler’s first book, still a good read some ten years after it was published if you can lay your hands on a copy
• Dear Valued Customer, You Are A Loser - a useful source of security case studies for your awareness program
• Enemy at the Water Cooler - we wished we hadn’t bought this ESM sales pitch but ESM customers and vendors evidently like it
• Ghost in the Wires - Kevin Mitnick’s autobiographical book
• Google Hacking - combined penetration tester’s technical manual and security manager’s horror story
• Handbook of Research on Social and Organizational Liabilities in Information Security - includes a chapter on security awareness by our CEO
• IDEO books on innovation - a pair of books by one of the owners of design company IDEO reveal their creative techniques
• Incident Management - comprehensive coverage in a small book
• Information Security Awareness - a rather academic book with some value to information security awareness professionals
• Information Security Governance - another hit from author Krag Brotby
• Information Security Management Metrics - lays out the conceptual framework necessary to design a sensible system of security metrics
• Insider threat - a disappointing treatise on such an important topic
• IT Governance - an academic book with lasting value to practitioners
• ITIL v3 Security Book - now much closer to the ISO/IEC 27000 standards
• Know Your Enemy - the honeynet bible
• Lessons Learned in Software Testing - recommended reading for thinking people involved in testing application systems
• Managing an Information Security and Privacy Awareness and Training Program - unreservedly recommended, a fabulous awareness text (2^nd edition)
• Managing the Human Factor in Information Security - another recommended read for information security awareness professionals
• Net Crimes & Misdemeanors - a good security awareness book for naive net novices
• No Tech Hacking - covers the basic techniques of social engineering and site intrusion
• Phishing - Cutting the Identity Theft Line - more than just phishing, this book covers identity theft, criminal hacking and malware
• PCI DSS - a Practical Guide to Implementation - learn tips from an experienced implementer to save reinventing the wheel
• Scrappy Information Security - scrappy it is but maybe that means something else to you & me
• Security Metrics - A Beginner’s Guide has useful advice on assessing your audience
• Spies Among Us - an eminently readable and useful book covering industrial espionage, hacking and social engineering
• Spreadsheet Check and Control - highly recommended for spreadsheet users, their managers, governance specialists, auditors and regulators
• The Art of Deception - our review of Kevin Mitnick’s fascinating first book ...
• The Art of Intrusion ... and his second
• The CISO Handbook - full of practical guidance and advice for those tasked by management with ‘doing information security’
• The Insider - a extensive but somehow disappointing collection of journalistic pieces on corporate espionage cases
• Zen and the Art of Information Security - a superficial introduction to the field for non-experts

Contact us

Contact details with a feedback/information request form.  Get in touch with us if you would like to evaluate NoticeBored:

• Copyright notice and disclaimer - describes how we protect our own intellectual property against theft and plagiarism, plus a legal disclaimer about using the information we supply
• Privacy policy summary - any personal details you submit to us are confidential
• Privacy policy detail - more info if you are still concerned, verging on truly paranoid

About IsecT

Briefly describes IsecT Ltd’s professional information security credentials (there’s lots more information on IsecT’s own website)

What’s new

As this is a dynamic website, we keep a history of significant changes.  If you can’t afford the time to hunt our site for the “new” and “changed” pointers, simply bookmark the what’s new page and visit when you can to keep up with any major developments.  If you have the slack time and interest for browsing or research, we update the weblog and links collection with news stories and new links, respectively, most days.  Come back soon!

NoticeBored blog

Keep up with news, resources and commentary, many relating to the monthly awareness topics.

FAQs

As a public service, we maintain the following Frequently Asked Questions and answers:

1. Information security policy FAQ - advice on designing and delivering worthwhile policies.
2. ISO27k FAQ - about implementing/using and being certified compliant with the ISO/IEC 27000-series international standards on information security management.
3. IT Audit FAQ - explains what IT auditors do and how they do it.
4. Unofficial CISSP Forum FAQ - CISSP Forum is said by some to be “far and away the most valuable benefit to the CISSP qualification” and by a few to be “a total waste of bandwidth”. 

Copyright © 2012  IsecT Ltd.