Awareness is a critical element of any successful security programme. Without adequate levels of awareness, users cannot be responsible for compliance with policy. This will directly impact on the security of your information assets.
Corporate Security Awareness Issues
It is generally accepted that sound security is reliant upon a balance between the implementation of security policy, sensible application of security technology, and management of the overall security programme established. However, even the best security programme is undermined if those who operate it and are affected by it are not adequately aware of its existence, and their responsibilities.
Ignorance and uncertainty undermine security. If staff and management are unaware of their responsibilities, risks the organisation faces, and how to react to incidents, the impact of risks materialising is significantly magnified. Uncertainty too is disabling. Organisations, through their staff, become constrained in the opportunities they are willing to explore, because they do not understand the risks, and the actions that could be taken to mitigate the risks.
Awareness (making staff aware of what is expected of them) is a critical element of successful security. Without awareness, users cannot be responsible for compliance with policy; this will certainly adversely affect the confidentiality, integrity and availability of your organisation’s information.
The approach taken to delivering the service is to work closely with the client organisation in delivering a service appropriate to their specific requirements.
- Understand business requirements, priorities and risks
- Assess current level of awareness and implementation through review of policy and audit
- Propose a strategic awareness programme
- Propose a realistic action plan based on the strategy
- Manage the implementation of the strategy
- Measure and report on the success of the strategy
Risk disables – security enables. Commissum can deliver an awareness improvement programme that creates an environment of confidence, ensuring the business operates without the constraints imposed by uncertainty over risk.
- Staff understand the importance of their part in ensuring sound security
- Staff are able to recognise security concerns and respond accordingly, feeling confident in taking both proactive and reactive action
- Recognition of events that could indicate a security incident becomes reflex behaviour
- The organisation as a whole feels confident; pursuing opportunity in the knowledge that risks are understood and measures have been taken to mitigate these risks
The proven approach also realises additional benefits:
- Cost effective – a consistent, coordinated approach across the corporation without duplication
- Results effective – proven approach, from professionals with experience in both security and delivering training
- Visibly effective – regular reports provide metrics against benchmarks to ensure improvement is measured and monitored
Download the Security Awareness Programme PDF now (71.7 KB)
Find out more about Commissum’s security awareness programmes.