Building an Information Security Awareness Program Defending Against Social Engineering and Technical Threats
Auteurs : Gardner Bill, Thomas Valerie
The best defense against the increasing threat of social engineering attacks is Security Awareness Training to warn your organization's staff of the risk and educate them on how to protect your organization's data. Social engineering is not a new tactic, but Building an Security Awareness Program is the first book that shows you how to build a successful security awareness training program from the ground up.
Building an Security Awareness Program provides you with a sound technical basis for developing a new training program. The book also tells you the best ways to garner management support for implementing the program. Author Bill Gardner is one of the founding members of the Security Awareness Training Framework. Here, he walks you through the process of developing an engaging and successful training program for your organization that will help you and your staff defend your systems, networks, mobile devices, and data.
Forewords written by Dave Kennedy and Kevin Mitnick!
1. What Is Security Awareness Training? 2. Why Does Your Organization Need a Security Awareness Program? 3. Getting Management Buy-In 4. Understanding Infosec Threats 5. Training Cycle 6. Training Types 7. Building Engaging Training 8. Metrics 9. Why Most Security Awareness Programs Fail 10. Current Debate on Security Awareness 11. The Security Awareness Training Framework (SATF)
Information Security practitioners, and an academic audience among information security majors. Corporate sales potential for IT Managers looking to implement Security Awareness training in their organizations.
Valerie Thomas is a Senior Information Security Consultant for Securicon LLC that specializes in social engineering and physical penetration testing. After obtaining her bachelor's degree in Electronic Engineering, Valerie led information security assessments for the Defense Information Systems Agency (DISA) before joining private industry. Her skill set also includes intrusion detection, endpoint protection, data loss prevention, and mobile security. Throughout her career, Valerie has conducted penetration tests, vulnerability assessments, compliance audits, and technical security training for executives, developers, and other security professionals.
- The most practical guide to setting up a Security Awareness training program in your organization
- Real world examples show you how cyber criminals commit their crimes, and what you can do to keep you and your data safe
- Learn how to propose a new program to management, and what the benefits are to staff and your company
- Find out about various types of training, the best training cycle to use, metrics for success, and methods for building an engaging and successful program
Date de parution : 08-2014
Ouvrage de 214 p.
19x23.4 cm