Editor's Note: Rhonda Kelly is the Security Education and Awareness Architect at Oshkosh Corporation. She is one of the speakers for the upcoming US Security Awareness Summit in Philadelphia August 19. Below she discusses her talk on planning and what you will learn from it.
I will be sharing with you what I call the Information Security Awareness Communication Calendar (ISACC) Roadmap. This is a planning document we developed to plan, maintain, and measure how we communicate our security awareness program. Think of it as your personal GPS, navigating you through how you will communicate your awareness program. It does this by breaking your program down into a comprehensive, color coded, roadmap providing a day-by-day break down over a calendar year. The plan then allocates specific communication events of valuable milestones which can be used to communicate to leadership and internal allies. This roadmap assists you in goal setting, reaching milestones, measuring timelines, acquiring budget and resources, as well as qualifiers for internal and external audits. This map has proven invaluable to our organization. It provided assistance to program managers on what to communicate to internal teams and clearly defines the various touch points you plan to use and communication tools to be utilized. ISACC is a visionary tool of educational events encompassing past, present and future activities. We all share a similar goal, to be viewed as the pinnacle in security awareness by our executive leadership, managers, supervisors, peers and/or auditors and ISACC will get you there. You will learn how to organize your security awareness program over a desired timeframe.
- You will learn how to use the roadmap to gain leadership and internal allies support
- You will learn how the roadmap will help you pass compliance and audit reviews
- You will learn to mitigate challenges before they occur, saving yourself valuable time
Let's have fun in what we do, our employees seek the same. As we continue to learn and build upon opportunities we will continue to gain knowledge and increase our skills. Let's continue that momentum at the 2015 Security Awareness Summit.
Bio: Rhonda Kelly currently holds the Security Education and Awareness Architect position at Oshkosh Corporation. Rhonda's sole responsibility is to design, build, and implement a Security Educational program encompassing Information Security for ~12,000 employees, world-wide, including translating materials into 10 languages. Her background is business management, with an emphasis on marketing and communications. She continues to build her Information Security technology experience through various Information Security entities including SANS. Her passion is to build a Security Education and Awareness program that will continue to advance the knowledge base of employees that makes a noticeable difference throughout the entire organization.