Subscribe / Unsubscribe Enewsletters | Login | Register

Pencil Banner

How to craft a security awareness programme that works

Thor Olavsrud | June 1, 2016
Organisations struggle with making security awareness training programs that work. One expert says that's because we treat security awareness training as an event rather than a continuous program of education that adapts to the risks employees face.

It's also essential to treat your security awareness program as a communication exercise — essentially a change management problem. IT and the security function may not have the skills to make that happen, so Conrad suggests partnering with the training organization or the marketing organization to most effectively get the awareness training across.

"Anytime you can communicate a message to a person and make it personal, you're going to be much better off," Conrad says.

For instance, foundational training could show employees tools and best practices they can use at home to protect their children and other family members. They can then apply those tools and practices on the job.

"That's a very reasonable way to approach it," Conrad says. "Tie in that emotional hook. Make it real and personal."


Previous Page  1  2 

Sign up for CIO Asia eNewsletters.