free page hit counter
Click the banner for the site map of NoticeBored.com, the information security awareness service
NoticeBored Classic is unique

We are setting the benchmark in security awareness. NoticeBored Classic is unique and unlike other “awareness solutions” on the market, making it tricky to weigh up NoticeBored against more traditional (some would say old fashioned!) approaches. 

 

The simplest way to explain the originality that characterizes NoticeBored is to compare them side by side:
Compare NoticeBored with more traditional alternatives

Traditional approach

NoticeBored Classic

Inform staff through a single, formal corporate communications process

Inform and motivate staff and managers through multiple formal and informal communications channels running in parallel

Stick some corny posters on staff noticeboards ... and leave them up indefinitely

Circulate fresh information every month in a range of formats so there’s always something new and interesting to read and absorb

Get the go ahead, develop the awareness materials and eventually launch the awareness program with a bang ... but then run out of steam

Launch the program today! Quickly establish a high level of awareness and keep it rolling forward indefinitely, drawing on a stream of creative energy

Cover too many issues at once, mostly at a rather superficial level

Stick to a single topic each month, seizing the opportunity go into more depth as appropriate to each audience

Stick to the basics such as viruses and passwords

Cover about 30 topics from different perspectives, reflecting current security risks/incidents and topical news

Broadcast management edicts and instructions at staff

Encourage feedback and interaction from employees and engage them by treating them as human beings rather than sounding boards

Deliver a random assortment of sometimes contradictory messages

Through branding, integrate all the materials into a coherent, consistent and instantly recognizable campaign theme

Think of “raised security awareness”
as an end in itself

Understand that awareness helps achieve behavioral and cultural changes, cutting risks and reducing losses

Tell staff to comply with “the rules” for information security as defined by management “or else”

Help everyone (managers, staff and IT professionals) understand their respective security obligations; offer practical and relevant guidance in their own terms and familiar language

Try to sack those who break the rules, but run into trouble with the lawyers or unions because “the rules weren’t clear”

Ensure that everyone is aware of and understands their obligations; make people personally accountable for their actions

Send staff away on security training courses and awareness sessions with no follow-up support

Raise security awareness without interrupting normal work; encourage people to seek out further information

Be boring, tedious, generally ignored

Be creative, interesting, engaging

Communicate either in a formal, stuffy and stilted style, or else a superficial, rather offhand style using childish cartoon graphics and weak jokes

Use a full range of formal and informal communications styles and methods to suit the various adult audiences and messages, maintaining a professional business-like approach throughout

Use IT Security Managers (if they have time) or technical authors (trained to write technical manuals in a technical style) to write information security materials

Draw on a stream of high quality security awareness materials written to a consistent standard by qualified full-time security awareness specialists

Aim security awareness materials squarely at “END-USERS”, more-or-less completely ignoring other audience groups

Engage PEOPLE: staff, managers and technologists through an inclusive program, giving appropriate information and guidance to suit each group’s needs*

Cover just the essentials - the bare minimum requirements only

Cover the basics plus topical information security, governance, information risk and related issues aligned with the ISO/IEC 27000-series standards

 Blindly hope that awareness messages
will all sink-in and register

Measure the level of awareness objectively and use the data to improve the program

Promise quick results from the awareness program and disappoint management when things don’t suddenly improve in just a few short months

Anticipate a gradual but deep-rooted genuine cultural change taking around
18-36 months. Lead management on the same journey.

Pick someone junior from Information Security or Training to design and run the program, or “get someone in”

Draw on the professional expertise of dedicated and qualified information security awareness specialists at low cost with zero management overhead

Run the program purely as an internal IT activity, making the best of limited
in-house skills and resources

Tap into the resources of IsecT, the wider NoticeBored community and other parts of the organization e.g. HR, Risk Management, Compliance and Legal

It is better to fail in originality than to succeed in imitation

In relation to ‘setting the benchmark’, some of our inventions, including ideas that have been central to NoticeBored since its launch in 2003, are gradually finding their way into competitors’ products. They say imitation is the sincerest form of flattery, so we consider ourselves duly flattered. Nevertheless, at NoticeBored we prefer to lead rather than be led. Originality, and quality will always define our products and differentiate us from the pack. We continue to innovate at every opportunity, frequently introducing new awareness topics and different types of engaging and creative awareness material. If you have an usual security awareness idea, do get in touch. Together, we can bring good ideas to life.

We have shown you what NoticeBored Classic is, what it can do for you and what makes it different from the rest.  Read a summary of the benefits on the next page.
NB homeAbout NB > NB Classic is unique >

Copyright © 2008 IsecT Ltd. and licensors