Spotting incidents” - April’s security awareness and training module

Incidents worth reportingBackground New this month

The ‘spotting incidents’ awareness and training module concerns vigilance, early detection and (where appropriate) prompt reporting of a deliberately diverse set of information-related incidents, concerns and risks such as: authentication failures; cloud, Internet and network failures, plus IT system and app failures; coercion, blackmail; assorted compliance issues; data errors, integrity failures; physical incidents such as fires, floods, quakes, eruptions and weather bombs; exposure or disclosure of confidential business and personal information (privacy breaches) ... and many more. 

Whether you consider them to be incidents or not, suspicious activities and near-misses are also worth reporting if ‘early warning’ is something you and your management would appreciate. Nasty surprises are, well, nasty.  The sooner you know about trouble on the horizon, the more options you have.

Incident mgmt processScope

The NoticeBored module concerns identify and assess, two critical early steps that kick -start the incident management cycle shown here. 



We have covered the remainder of the incident management process before and will do so again - in fact every single NoticeBored module concerns incidents since they are the very reason that information risks are of concern, and information security is necessary.



Undetected incidents fly under the radarLearning objectives

‘Spotting incidents’ is about identifying and reporting a wide range of information security-related incidents:

  • For the general staff audience, the awareness and training materials emphasize vigilance and diligence.  Simply put, we’re encouraging people to watch out for and report more stuff, as well as responding directly to threats (e.g. by not clicking suspicious links). 
  • For the management audience, the materials also cover reporting (e.g. enabling and actively encouraging staff to let management know about issues, incidents, risks, near-misses etc.) and edge forward into the analysis and response to reported incidents, including the need to disclose some incidents externally (e.g. privacy breaches).
  • For the professional audience, the materials touch on the ‘instrumentation’ of information systems and processes.  Automated flagging/alerting and logging of security-relevant events naturally complements the manual reporting by IT users, but is a neglected area of systems architecture and design.

Those three streams support each other, setting workers thinking and talking about this topic, fostering the security culture in a general way. It’s a good topic for socializing security among the organization because it is relevant to and affects everyone.

Think about your learning objectives in this area. What are your organization’s challenges around spotting incidents?  If you are struggling to deal with the volume of incident-related reports already flowing and reluctant to invite yet more, you’d better get more efficient at assessing, handling and using those reports! The preferred way to cut the volume of incident reports is to improve your information security, which includes improving the quality and relevance as well as timeliness of incident reporting.  Don’t just complain: raise your game!

As well as customizing the NoticeBored materials to suit your awareness branding and objectives, feel free to blend-in additional content.  Use the materials in the company newsletters and magazines, your intranet Security Zone, in awareness events and training courses, and for new employee induction or orientation purposes.



Module 192 contents listing


Get this module

Subscribe to the NoticeBored service this month to receive the latest module, plus similar batches of security awareness and training materials delivered fresh to your organization every month.  We offer a wealth of top-quality creative content on a market-leading range of information risk and security topics making it economic for you to run a world-class security awareness and training program.

Email us to set the ball rolling.  Find out what it takes to get your security awareness and training program quickly up to speed, for a lot less than you might think.  We’re a small company with a big reputation for quality and innovation.

If you only want this unique module, then yes we can do that too.  And if there’s some pertinent topic missing from our awareness and training portfolio, let’s talk. We’re always on the lookout for fresh meat.

What’s next?

Tag along with us on NBlog as we work on the next awareness topic.  In addition to clues about what’s coming up through NoticeBored, we often share creative hints and tips on making security awareness and training even more effective.

Home > NB this month >

Copyright © 2019 IsecT Ltd.