A common challenge most organizations face when building an effective security awareness program is determining which topics to communicate. Too often organizations try to teach too much, with little if any effort in identifying which topics have the greatest impact. Keep in mind you most likely face several limitations. The first is many organizations are limited to thirty minutes or less in their initial training. Every minute of lost work quickly adds up as a result management may put restrictions on how long the training can be. In addition you will be competing for time against other types of training (sexual harassment, ethics, etc). Also keep in mind people can only remember so much. The fewer topics you focus on, the more you can reinforce those topics and the more likely you will change behaviors. If you try to cram too much information people will simply become overwhelmed and most likely forget it all. As a result, I feel it is very important for organizations to review and teach only the topics that have the greatest value. In this series of ten blog posts I covered what I felt were the ten most important topics and why. Obviously every organization is different, and so to will your program. However these topics can give you a place to start. If you feel a topic was left out, please let me know!
- Customer Support