- End User Awareness - A large proportion of security incidents are directly related to the actions of end users. Even basic end user security training can produce significant rewards in most organisations.
- IT Team Awareness - Raising awareness of security policies, processes and procedures in the IT team empowers them to incorporate appropriate security practices in all that they do. This results in security being addressed at earlier stages of IT projects resulting in significant savings down the track.
- Executive Level Awareness - Raising awareness of information security and risk management at the executive level is critical. It demonstrates the value that information security can provide to the organisation and reverses the idea of it being just another cost centre. The information security and risk management team provide value to the organisation by enabling it to conduct business in a risk-aware way. The executive team should know that they can rely on the information security and risk management team to advise them on risks and provide guidance on how to operate the business in more effective ways.
Information Security Awareness Training
Policies, procedures and standards are of little use if no one is aware of them. This is where information security training and awareness comes into play. Jake Smith Consulting can assist in the following security awareness training areas: