Advanced Persistent Training: Take Your Security Awareness Program to the Next Level
- 1h 57m
- Jordan Schroeder
- Apress
- 2017
Gain greater compliance with corporate training by addressing the heart of the very awareness vs. compliance problem: people are human. People have incredible strengths and incredible weaknesses, and as an Information Security professional, you need to recognize and devise training strategies that take advantage of both. This concise book introduces two such strategies, which combined, can take a security awareness program to the next level of effectiveness, retention, compliance, and maturity.
Security policies and procedures are often times inconvenient, technically complex, and hard to understand. Advanced Persistent Training provides numerous tips from a wide range of disciplines to handle these especially difficult situations.
Many information security professionals are required by regulation or policy to provide security awareness training within the companies they work for, but many believe that the resulting low compliance with training does not outweigh the costs of delivering that training. There are also many who believe that this training is crucial, if only it could be more effective.
What you will learn:
- Present awareness materials all year-round in a way that people will really listen.
- Implement a "behavior-first" approach to teaching security awareness.
- Adopt to gamification the right way, even for people who hate games.
- Use tips from security awareness leaders addressing the same problems you face.
Who is this book for
Security awareness professionals or IT Security professionals who are tasked with teaching security awareness within their organization.
About the Author
Jordan Schroeder is a former department head at a technical school and corporate trainer. As an information security expert and a moderator of the Security.StackExchange.com forum, he is dedicated to researching and delivering effective and innovative methods to teach professionals and laypeople alike how to digitally secure their organizations and the assets they control. Jordan developed and runs SelfPhish, a phishing education and research platform aimed at discovering an individual's vulnerability to different types of social engineering attacks, then tailoring Security Awareness training to that individual.
In this Book
-
Challenges Faced by Organizations
-
Active Feedback
-
Behavioral Modification
-
Persistent Training
-
Metrics and Measures
-
Pro Tips
-
Security Culture
-
Take Your Program to the Next Level