![]() |
||||||||||||||||||||||
![]() |
||||||||||||||||||||||
|
|
||||||||||||||||||||||
![]() |
||||||||||||||||||||||
Making information security everybody’s businessInformation security is a vital element of corporate and IT governance and risk management, which provides the organizational context. Secure organizations confidently pursue new business opportunities that would be too risky for their insecure peers. Information security, then, supports business objectives and hence security awareness has commercial value to the organization. Simply put, security makes good business sense.
Creative security awareness content from NoticeBored
We supply fresh batches of awareness materials for your staff, managers and IT professionals, covering a different information security topic every month. Use our high quality, engaging materials and bags of creative energy to kick-start your information security awareness program, and build a genuine, deep-rooted and widespread security culture by:
Find out what makes security awareness so important, and why it’s our passion, in our popular white paper on the value of security awareness. Read on to find out all about NoticeBored. Next generation seductive security awarenessInformation security awareness is what we do, it’s our passion. You probably have other things that fire your imagination and that’s fine, but think of us first when someone suggests you really ought to have a security awareness program. We are proud to have been acknowledged as a “best practice expert” in security awareness by ENISA, the European Network and Information Security Agency. Our Business Case for an Information Security Awareness Program contributed to ENISA’s Users’ Guide: How to Raise Information Security Awareness. The Users’ Guide expands considerably on our white paper with helpful advice to small companies on how to plan and establish security awareness programs. While we don’t sell security technologies such as antivirus and firewalls, we have absolutely no problem with organizations using them as part of their information security management systems. NoticeBored fills in the gaps between the technologies, tackling the human factors - those awkward and ill-defined issues that technology alone cannot solve. But the best kept secret is that we also support and leverage those very same technologies by helping IT professionals and general managers appreciate their part in the bigger picture. Do your IT people and managers understand the pivotal role they play in information security? Or is security just another annoying barrier to them, something to be bypassed or avoided whenever possible? Chris Potter, leader of the excellent biannual UK information security breaches survey, described the lack of security awareness as one of the biggest ongoing issues revealed by the survey. “The survey shows that staff are increasingly targeted by social engineering attacks (where outsiders try to obtain confidential information from employees). In addition, businesses are becoming increasingly concerned about what is being said about them on social networking sites (such as MySpace, Facebook and Bebo), and some staff have posted confidential information on these sites. This is a pretty dangerous combination. Fortunately, there is some good news. Companies are hardening their technical controls ... In addition, the proportion of companies that have an information security policy has quadrupled over the last eight years. Most companies take active steps to tell their staff about their security policy and the risks they face. However, companies are realising that increasing security awareness is only part of the answer. The critical issue is changing people’s actual behaviour. Too many users have a ‘click mentality’ - they become blind to warning pop-up boxes and do what expedites their current activity rather than what they know they ought to. It is a bit like the road speed limit - everyone knows they shouldn’t speed, but many people go ahead and do so. So, the agenda seems to be moving on from simple ‘first generation’ security awareness and onto ‘the next generation’ of behavioural change. Many information security specialists, while knowledgeable about policy and technical issues, lack the skills to deliver true behavioural change into their businesses. Only by working with other specialists, such as the marketing and HR functions, and by embedding security into the mantra of the middle manager, will businesses realise the benefits of a security -aware culture.” Hear hear Chris!
Achieving genuine deep-rooted cultural change is the central aim of NoticeBored. Our approach goes well beyond those dreadful first-generation annual security awareness torture sessions. NoticeBored promotes information security continually through year-round activities using creative awareness materials, actively encouraging your employees to liaise with their colleagues in HR, IT, Legal, Risk Management and Compliance functions for example. We exploit marketing, advertising and modern educational techniques to both extend and deepen the awareness program’s reach and build a strong security brand, moving on from broadcasting security imperatives at employees to actively engaging them as part of the solution. Find out lots more about NoticeBored in this section of the website. |
||||||||||||||||||||||
|
|
||||||||||||||||||||||
| Home > About NB > | ||||||||||||||||||||||
|
Copyright © 2012 IsecT Ltd. |
||||||||||||||||||||||