<![CDATA[[SecurityRatty] tag: handout]]>

<![CDATA[[SecurityRatty] tag: handout]]> http://securityratty.com/tag/handout Sun, 03 Dec 2006 17:27:35 +0000 iRatty Engine http://blogs.law.harvard.edu/tech/rss <![CDATA[Inflecting end-user awareness]]> http://securityratty.com/article/7ab656f3cae1348a740024016aee0f08 http://securityratty.com/article/7ab656f3cae1348a740024016aee0f08 Recently I had access to an informative handout from Information Risk Executive Council about inflecting end-user awareness program.

Here are some takeaways from the handout, I wanted to share the jest of the handout:

1. Brand your security awareness initiative, it will provide visibility to your initiative.

2. Segment your training across various target user groups.

3. Identify the behavioral change that you desire to impart and design the training to effect the same.

4. Reward good security behaviors.

5. Leverage your existing marketing communications (and other cross functional departments) to run the program.

6. Monitor compliance across various business units, show them them the comparative chart - this will create a healthy competition.

7. Keep the program up to date, revise the program based on the feedback.

Design the program with the end goal of behavioral change in mind, segment program across various target groups, leverage existing delivery methods, measure results, compare results across business units to create competition. Last but not least, keep it updated.

]]> Sun, 03 Dec 2006 17:27:35 +0000 program end-user awareness program program based segment program informative handout handout security awareness initiative business units behavioral change Inflecting end-user awareness