DigitalDefence
Home > Advise > Security Awareness

Security Awareness

security_awareness

Your data is under increased attack from a variety of internal and external threats. And technology alone cannot secure critical business resources

Your single greatest security resource are your employees – they are you “front-line troops” in handling your data. They may be the first to recognize a security breach, and the first to respond to the attack.

Are they ready?

DigitalDefence will provide you with the guidance to surpass mere security awareness; instead, you will create a culture of security across your organization

DigitalDefence’s Security Awareness Program is a highly-customized program that provides employees with the security knowledge and deep understanding required to protect your data. It is tailored to your unique corporate strategy and practices. Teaching modules are developed in close collaboration with the client, and may include:

  • Information security basics
  • Data classification and handling
  • Appropriate and personal use of data resources, including the Internet and e-mail, blogging, social networks
  • Secure mobile computing and remote access
  • Secure file transfer, and use of encryption
  • Physical security and social engineering attacks
  • Recognizing data intrusions and malicious software (viruses, Trojan, backdoors)
  • Effective incident response and reporting

Service Delivery

DigitalDefence’s Security Awareness Program is customized directly to your organization to ensure that it supports your business strategy as well as security practices. Elements of the program include:

  • Baseline the existing business and security practices – ensure executive support; understand the environment and corporate culture as well as critical documents such as the Information Security Policy; identify key risks to data security and privacy; develop success metrics
  • Identify the program’s focus – what specific messages need to be delivered to the audience, and what is the most effective way to deliver that message. Different messages may be prepared for groups with different management or technical roles
  • Implement the security program – “train the trainers”, or deliver training directly to the staff; distribute the security message using online documents, posters, etc;
  • Measure success – ensure that all employees have received relevant training, and that the resulting knowledge is contributing to the organization’s overall security