Unless you actually meant to call up the NoticeBored site map, you have probably just followed a dud hyperlink. This is an actively managed website that changes every week, often several times a day. The page you were seeking is probably still lurking here somewhere ... look through the pages listed below, start over at the home page or else try searching for it:

Search NoticeBored.com

Home

Where the heart is.

 

About NoticeBored

This section introduces and explains NoticeBored:

• About NoticeBored General information on the security awareness product
• Product Data Sheet on NoticeBored - summarizes the main features on 2 sides
• NoticeBored features - what are the main elements of the product?
• NoticeBored audiences - describes the three target audiences for which the awareness materials are individually written
• NoticeBored modules - outlines the information security topics covered by our monthly awareness modules
• NoticeBored samplers - samplers of the NoticeBored awareness materials typically delivered in the monthly modules
• Using NoticeBored - explains how customers typically download and use the awareness content
• NoticeBored is unique! - a side-by-side comparison contrasts NoticeBored’s innovative approach with a typical more conventional security awareness program
• NoticeBored business benefits - what will NoticeBored do for your organization?
• NoticeBored price - NoticeBored is the most cost-effective information security enhancement with prices starting at less than the cost of a single cup of coffee, per person, per year!
• NoticeBored customers - what does a typical NoticeBored customer look like? If you can see a pattern , do let us know!
• NoticeBored back catalog - license all the prior modules in one go to supercharge your security awareness program and set it off to a flying start

NoticeBored this month

Read about August’s security awareness module on information security governance.

NoticeBored induction module

A special security awareness module covering the basics of information security for use in security induction classes, and to help new customers launch their security awareness programs.

NoticeBored posters

New security awareness posters are supplied to NoticeBored customers electronically every month as high resolution image files. The awareness posters help to promote the month’s information security topic and are, of course, supported by the remaining awareness materials.



 

Information security policy manual

 Faced with the need for information security policies, it is tempting just to write a few policies covering the most obvious “security issues” and ignore the rest. A more professional approach involves assessing the organization’s information security risks and developing a comprehensive policy manual, systematically addressing all the material risks. Our generic security policy manual is a cost-effective way to document best practice information security controls, using ISO/IEC 27002:2005 as a basis.

NoticeBored links collection

The diary page lists the awareness topics we have covered to date (see below) with a forward view of those due in the next quarter. Links from the respective monthly entries take you to our corresponding pages in our managed collection of hyperlinks accompanying each security awareness module/topic. Please tell us about broken links or suggest a link. We have well over 1,000 already but there’s always room for more good resources.

• Accountability, responsibility and related links
• Audit links
• Authentication links
• Awareness links
• Bugs! links
• Change management links
• Compliance links
• Confidentiality links
• Contingency planning links
• Database security links
• Email security links
• Fraud links
• Governance links
• Hacking links
• Identity theft links
• Incident management links
• Induction course links (basic information security awareness topics)
• Information security risk management links
• Insider threat links
• Integrity links
• Intellectual Property Rights IPR links
• IT Operations links
• Malware links
• Mobile computing and teleworking links
• Network security links
• Office security links
• Phishing links
• Physical IT security links
• Privacy and data protection links
• Secure development / security-SDLC integration links
• Social engineering links
• Third party security links
• Trade secret links
• Trust links

Freebies!

While these papers are published and made available on the Web for free, we retain our intellectual property rights (copyright) on them. Plagiarists beware: we have a crack team of IPR specialist lawyers in reserve and we’ve taken action successfully in the past.

• 2008 security awareness calendar - our favorite twelve awareness images originally delivered to customers in 2007 as posters, now recycled into a 2008 calendar. An environmentally-friendly security awareness message
• Creating a security culture - purely raising awareness is not an end in itself!
• 7 myths about security metrics - discusses the key choices when designing a system to measure and report on information security
• 7 steps to security awareness - hints and tips on the process of planning and initiating an awareness programDatacenter security - white paper on physical and environmental security considerations for corporate datacenters
• Building a security culture - a short piece about the need to incorporate information security into your corporate culture
• Business case for an information security awareness program - a generic paper expounds the cost -benefit argument. Useful ideas for your own budget or investment proposal perhaps?
• Data center physical security - tips for securing physical access and environmental services for datacenters
• Human factors in information security - a white paper explains why information security is so reliant on people, not just technology
• ISO/IEC 27001/2 - explains how NoticeBored relates to ISO/IEC 27001 and 27002, the ISO/IEC international standards for Information Security Management Systems
• NoticeBored newsletters - if you like the look of the previous six issues (downloadable from the diary and blog page), sign up here for a free monthly subscription to get the very latest edition in your inbox at the start of every month
• State of IT auditing - our article was published in EDPACS
• Why do we need information security awareness? - because people like you and me are the weakest links. Numerous quotes and reasoned analysis support the need for awareness
• Book reviews - we have read these books mostly in the course of researching the security awareness modules and share the reviews here for the benefit of customers and other keen readers:
• Computer security - 20 things every employee should know - a handy little security booklet, useful as part of a security awareness program
• Computer Security for the Home and Small Office - security advice for the Small Office/Home Office owner
• Corporate Espionage - Ira Winkler’s first book, a good read some ten years after it was published if you can find a copy
• Enemy at the water cooler - we wished we hadn’t bought this ESM sales pitch but ESM customers and vendors evidently like it
• Google hacking - combined penetration tester’s technical manual and security manager’s horror story. 
• IDEO books on innovation - a pair of books by one of the owners of design company IDEO reveal their creative techniques
• Incident management - comprehensive coverage in a small book.
• Information security awareness - a rather academic book with some value to information security awareness professionals
• Insider threat - a disappointing treatise on such an important topic
• IT Governance 3^rd edition - a comprehensive guidebook to accompany ISO/IEC 27001/2 implementations
• IT Governance - an academic book with lasting value to practitioners
• Know Your Enemy - the honeynet bible
• Lessons Learned in Software Testing - recommended reading for thinking people involved in testing application systems
• Managing an information security and privacy awareness and training program - at last! A security awareness book we are happy to recommend unreservedly
• Net Crimes & Misdemeanors - a good security awareness book for naive net users
• Phishing - cutting the identity theft line - more than just phishing, this book covers identity theft, criminal hacking and malware
• PCI DSS - a practical guide to implementation - learn tips from an experienced implementer to save reinventing the wheel
• Spies Among Us - an eminently readable and useful book covering industrial espionage, hacking and social engineering
• Spreadsheet check and control - highly recommended for spreadsheet users, their managers, governance specialists, auditors and regulators
• The Art of Deception - our review of Kevin Mitnick’s fascinating first book
• The CISO Handbook - full of practical guidance and advice for those tasked by management with ‘fixing information security’
• The Insider - a extensive but somehow disappointing collection of journalistic pieces on corporate espionage cases
• You Are A Loser - a useful source of security case studies for your awareness program
• Zen and the Art of Information Security - a superficial introduction to the field for non-experts

Contact us

Contact details with a feedback/information request form. Get in touch with us if you would like to evaluate NoticeBored:

• Submit a link - suggest your favorite Internet security resources to add to our managed hyperlinks collection
• Copyright notice and disclaimer - describes how we protect our own intellectual property against theft and plagiarism, plus a legal disclaimer about using the information we supply
• Privacy policy summary - any personal details you submit to us are confidential
• Privacy policy detail - more info if you are still concerned, verging on truly paranoid

About IsecT

Briefly describes IsecT Ltd’s professional information security credentials (there’s lots more information on IsecT’s own website)

• IsecT partners - our network of trusted partners for information security training, consulting, LMS and other products
• Meet us - your chance to meet those behind NoticeBored face-to-face.

What’s new

As this is a dynamic website, we keep a history of significant changes. If you can’t afford the time to hunt our site for the “new” and “changed” pointers, simply bookmark the what’s new page and visit when you can to keep up with any major developments. If you have the slack time and interest for browsing or research, we update the weblog and links collection with news stories and new links, respectively, most days. Come back soon!

NoticeBored blog

Keep up with news, resources and commentary relating to the monthly topics.

Secret bonus level

As a public service for our fellow CISSPs and SSCPs, we maintain the Unofficial CISSP Forum FAQ. The forum is said by some to be the principal benefit of the CISSP qualification but shhhh, don’t tell anyone, eh? It’s our dirty little secret.