3. IS Awareness Strategy
• Why will you do that?
• What is your goal?
• Who are you targeting in your program?
• What will you teach them?
• How will you engage and communicate with people?
4. IS Awareness Domains:
• Intro (terms, policy, requirements, risks, objectives, incidents, roles and responsibilities…)
• Processes (information classification and labeling, change management, information transfer, incident notification, business continuity, backup and recovery…)
• Acceptable use policy (BYOD, laptops, IT services, shared folders, Internet…)
• Physical Security (badges, access control, secure areas, key management, visitors, document disposal, clear desk policy…)
• IT Security (antimalware, VPN, password policy, notification about monitoring (DLP, SIEM, web)…)
• Remote work and business trips
• Public Information (social media, presentations, PR…)
• Data protection (GDPR+)
• Special cases
https://www.patreon.com/posts/is-awareness-30631920
7. My IS awareness programme: Chronology
2017
• Document study
• e-Learning platform testing – Failure
• Video recording – Failure
• Posters – Failure
2018
• Document study
• The corporate portal and Shared Folders (Z)
• Security Presents
• Presentations: Introduction (1.0), 60%; Site security (1.0), 100%
• Phishing and e-Learning platform testing – Failure
2019
• Document study
• The corporate portal and Shared Folders (Z)
• Security Presents
• E-mailing (not regular)
• Presentations: Introduction (2.9), 80%; Site security (2.0), 100%; Phishing (1.2), 50%
• Phishing platform testing – Failure
2020
• Document study
• The corporate portal and Shared Folders (Z)
• Security Presents
• E-mailing
• Posters
• Presentations: Introduction (3.x); Site security; Phishing; Classification and Handling
• Phishing platform (?Gophish)
• e-Learning platform (?SCORM format)
8. A few words about metrics
Basic metric: % of employees trained. We'll complicate it later…
In case of incidents (including tests): one more training…
Observations:
• The number of incident notifications has increased
• The number of incidents has decreased (by category)
• The number (and topics) of requests have changed
Input for CI
9. Content
!!!
AIDA
• Attention
• Interest
• Desire
• Action
Actual / Useful
• Real cases
• Company / Industry
• Region
• Corporate culture
• Business context
• Personal context
Good Looking
• We need a designer!
• Buy the pictures
• Use the photos
Smart Tests
• T/F questions are better than multiple choice questions
• Answers in the text
• Explanations
Plain language
• Native language
• No slang
• Humor
Easy to update
• No video / audio
e-Learning
• SCORM
11–12. Usually we don't have time (and motivation) for IS awareness and training...
• IS team
• Management
• Employees
13. Five “S”s to Success
• Support
• Staff
• Soft skills
• Simplicity
• Smart
By SANS
14. Thanks!
Andrey Prozorov, CISM
My blog: 80na20.blogspot.com
My Patreon: www.patreon.com/AndreyProzorov
My LinkedIn: www.linkedin.com/in/andrey-prozorov-cism-90018530