Security Awareness Program Planning

Security Awareness Program Planning

Once you've gained the necessary internal support, the next step is deciding how to develop, deploy, and maintain an effective awareness campaign. These resources are developed for the community and unless otherwise stated are distributed under the Creative Commons BY-NC-SA 4.0 license. Please send any feedback on how to improve these resources to community@securingthehuman.org.

Making Awareness Stick

One of the most common, long-term challenges faced by any awareness program is getting it to stick. In this talk we explain what organizations are effectively doing around the world to emotionally engage and communicate to their employees. Key points you will learn include behavior modeling, defining culture, developing an engagement strategy, communication methods and ambassador programs.

Security Awareness Planning Kit

This package provides resources to help plan your security awareness program, including labs from the two day course SANS MGT433.

MGT433: Building High-Impact Awareness Programs

This intense two day class walks you through how to build, maintain and measure a high-impact security awareness program. In addition, you will work with fellow students to document your own customized security awareness project plan which you can use the day you get back to the office. Learn more and sign up here.

Top Seven Human Risks

A key step to managing your human risk is first identifying and then prioritizing those risks and then focusing on the top ones. After working with hundreds of organizations, Lance Spitzner discusses what are the 7 most common human risks he finds in organizations and what you can do to effectively manage and measure those specific risks. Key points you will learn include concepts of cognitive overload, identifying top human risks and the behaviors that mitigate those risks.