Unless you actually meant to call up the NoticeBored site map, you have probably just followed a dud hyperlink.  This is an actively-managed website that changes frequently.  The page you were seeking is probably still lurking here somewhere ... look through the pages listed below, start over at the home page or else try searching for it:

Search NoticeBored.com

Home sweet home

About NoticeBored

This section introduces and explains NoticeBored, the security awareness subscription service:

• About NoticeBored - general information on our flagship subscription-based awareness product
• Product Data Sheet - summarizes NoticeBored’s key features
• NoticeBored features - what are the main elements of the product?
• NoticeBored audiences - describes the three streams of material targeting three distinct audiences
• NoticeBored topics - outlines the information security topics covered
• NoticeBored samplers - PDF samplers of the NoticeBored awareness materials
• Using NoticeBored - explains how customers incorporate our creative content into their security awareness programs
• NoticeBored is unique! - a side-by-side comparison contrasts NoticeBored’s innovative rolling approach with more conventional (or dare we say old-fashioned) security awareness programs
• NoticeBored business benefits - what will NoticeBored do for your organization?
• NoticeBored price - NoticeBored is the most cost-effective information security enhancement with prices starting at less than the cost of a cup of coffee , per person, per year!
• NoticeBored customers - what does our typical NoticeBored customer look like?  If you can see a pattern, other than being prepared to use creative methods to make their employees more aware of their information security obligations, do let us know!
• NoticeBored back catalog - license all the prior awareness modules in one go to turbo-charge your security awareness program and set it off to a flying start

NoticeBored this month

Information Security 101

A special foundation-level security awareness module covering the basics of information security for use in security induction/new employee orientation classes, and to help new customers launch their security awareness programs.

 

Security awareness posters

New security awareness posters are supplied to NoticeBored customers electronically every month as high resolution image files.  The awareness posters are designed to generate interest in the month’s information security topic and are, of course, supported by the remaining awareness materials.  Buy them separately if you only need eye-catching graphic images.

Information security policy templates

Faced with the need for information security policies, it is tempting just to write a few policies covering the most obvious “security issues” while ignoring the rest.  A more professional approach involves assessing the organization’s information security risks and developing a comprehensive policy suite, systematically addressing all the material security risks.  To get you off to a flying start, we offer:

• A high-level Corporate Information Security Policy, aimed at senior management;
• An Information Security Policy Manual based on the advice in ISO/IEC 27002, aimed at information security, governance, control, risk management, compliance and assurance professionals;
• A set of more than 40 Topic-based Information Security Policies, written for general employees;
• An FAQ explaining more about the policies and how they are usually deployed.

Internal Control Questionnaires

Buy a comprehensive set of Internal Control Questionnaires to assess your organization’s information security controls against generally-accepted good practices.

Security links collection

The combined links and module diary page lists the awareness topics we have covered to date (see below) with a forward view of those due in the next quarter.  Our managed collection of hyperlinks supports each awareness module with a selection of useful Web resources.  Please tell us about broken links or suggest a link.  We have well over 1,000 already but there’s always room for more good resources.

• Accountability, responsibility and related links
• Audit links
• Authentication and credentials links
• Bugs!
• Business continuity links
• BYOD (Bring Your Own Device) security links
• Change & config management links
• Cloud computing security links
• Compliance links
• Confidentiality links
• Cryptography links
• Database security links
• Email and messaging security links
• Ethics links
• Fraud links
• Gizmos and teleworking security links
• Governance links
• Hacking links
• Human security links
• Identity theft links
• Incident management links
• Information protection and basic information security links
• Industrial espionage and trade secret links
• Information security risk management links
• Insider threat links
• Integrity links
• Intellectual Property Rights (IPR) links
• IT Operations links
• Malware links
• Network & Internet security links
• Office security links
• Phishing links
• Physical information security links
• Privacy links
• SCADA/ICS security links
• Secure development / security-SDLC integration links
• Securing business relationships links
• Social networking links
• Trust links
• Wireless security

White papers

While these papers are published and made available on the Web for you to read without charge, we retain our intellectual property rights (copyright) on them.  Plagiarists beware: we have a crack team of IPR specialist lawyers in reserve and we’ve taken action successfully against those who have stolen our intellectual property in the past.

• 7 myths about security metrics - discusses the key choices when designing a system to measure and report on information security
• 7 steps to security awareness - hints and tips on the process of planning and initiating an awareness program
• Business case for an information security awareness program  - a generic paper expounds the cost -benefit argument.  Useful ideas for your own budget or investment proposal perhaps?
• Creating a security culture - purely raising awareness is not a worthwhile end in itself!
• Data center physical security - tips for securing physical access and environmental services for data centers
• Human factors in information security - a white paper explains why it is so important to address human beings as an essential part of any information security management system or framework
• Information Security Policy, Awareness and Compliance Manager job description
• ISO/IEC 27001/2 - explains how NoticeBored relates to ISO/IEC 27001 and 27002, the ISO/IEC international standards for Information Security Management Systems
• The value of information security awareness? - numerous quotes and reasoned analysis support the need for a more creative and effective approach to security awareness

Book store and book reviews

Browse through our virtual bookstore showcasing our favorite information security books.

We have read these books mostly in the course of researching the security awareness modules and share the reviews here for the benefit of customers and other keen readers:

• Building an Information Security Awareness Program - Mark Desman’s book has some good ideas if you can face reading it
• Computer security - 20 things every employee should know - a handy little security booklet, useful as part of a security awareness program
• Computer Security for the Home and Small Office - security advice for the Small Office/Home Office owner
• Corporate Espionage - Ira Winkler’s first book, still a good read some ten years after it was published if you can lay your hands on a copy
• Dear Valued Customer, You Are A Loser - a useful source of security case studies for your awareness program
• Enemy at the Water Cooler - we wished we hadn’t bought this ESM sales pitch but ESM customers and vendors evidently like it
• Google Hacking - combined penetration tester’s technical manual and security manager’s horror story
• Handbook of Research on Social and Organizational Liabilities in Information Security - includes a chapter on security awareness by our CEO
• IDEO books on innovation - a pair of books by one of the owners of design company IDEO reveal their creative techniques
• Incident Management - comprehensive coverage in a small book
• Information Security Awareness - a rather academic book with some value to information security awareness professionals
• Information Security Governance - another hit from author Krag Brotby
• Information Security Management Metrics - lays out the conceptual framework necessary to design a sensible system of security metrics
• Insider threat - a disappointing treatise on such an important topic
• IT Governance 3^rd edition - a comprehensive guidebook to accompany ISO/IEC 27001/2 implementations
• IT Governance - an academic book with lasting value to practitioners
• ITIL v3 Security Book - now much closer to the ISO/IEC 27000 standards
• Know Your Enemy - the honeynet bible
• Lessons Learned in Software Testing - recommended reading for thinking people involved in testing application systems
• Managing an Information Security and Privacy Awareness and Training Program - unreservedly recommended, a fabulous awareness text (2^nd edition reviewed)
• Managing the Human Factor in Information Security - another recommended read for information security awareness professionals
• Net Crimes & Misdemeanors - a good security awareness book for naive net novices
• No Tech Hacking - covers the basic techniques of social engineering and site intrusion
• Phishing - Cutting the Identity Theft Line - more than just phishing, this book covers identity theft, criminal hacking and malware
• PCI DSS - a Practical Guide to Implementation - learn tips from an experienced implementer to save reinventing the wheel
• Scrappy Information Security - scrappy it is but maybe that means something else to you & me
• Spies Among Us - an eminently readable and useful book covering industrial espionage, hacking and social engineering
• Spreadsheet Check and Control - highly recommended for spreadsheet users, their managers, governance specialists, auditors and regulators
• The Art of Deception - our review of Kevin Mitnick’s fascinating first book ...
• The Art of Intrusion - ... and his second
• The CISO Handbook - full of practical guidance and advice for those tasked by management with ‘doing information security’
• The Insider - a extensive but somehow disappointing collection of journalistic pieces on corporate espionage cases
• Zen and the Art of Information Security - a superficial introduction to the field for non-experts

Contact us

Contact details with a feedback/information request form.  Get in touch with us if you would like to evaluate NoticeBored:

• Submit a link - suggest your favorite Internet security resources to add to our managed hyperlinks collection
• Copyright notice and disclaimer - describes how we protect our own intellectual property against theft and plagiarism, plus a legal disclaimer about using the information we supply
• Privacy policy summary - any personal details you submit to us are confidential
• Privacy policy detail - more info if you are still concerned, verging on truly paranoid

About IsecT

Briefly describes IsecT Ltd’s professional information security credentials (there’s lots more information on IsecT’s own website)

What’s new

As this is a dynamic website, we keep a history of significant changes.  If you can’t afford the time to hunt our site for the “new” and “changed” pointers, simply bookmark the what’s new page and visit when you can to keep up with any major developments.  If you have the slack time and interest for browsing or research, we update the weblog and links collection with news stories and new links, respectively, most days.  Come back soon!

NoticeBored blog

Keep up with news, resources and commentary, many relating to the monthly awareness topics.

Secret bonus level

As a public service for our fellow CISSPs, we maintain the Unofficial CISSP Forum FAQ.  CISSP Forum is said by some to be “far and away the principal benefit to the CISSP qualification” and by a few to be “a total waste of bandwidth”.  If you are a CISSP, join up in order to make your own mind up.

Copyright © 2012  IsecT Ltd.