Explain why a strong security awareness program is important

Explain why a strong security awareness program is important and briefly describe what should be included in the training, who should be trained, and how often the training should be.

Solution

security awarness training is a formal process for educating employees about computer security

one of the greatesr threat to information securty is coming from within in your company or organisation. inside attacks have been noted to some of the most dangerous since these people are familiar with the infrastructure.

Types of training

1) class room type training

these can be in Q&A periof after materials are presented as the contact information distributed for questions might popup afterward.some companies offer videobased training,webbased and role playing and simulation games so interaction in two ways.training session take longer time and depends on effectiveness.this method is used by nomeans(dublin 2006)

2) security awarness website

it consists of different sections eg malware,hoaxes,filesharing .this could be selfpaced so users can log and us it and the login users can also be tracked so that who attended can be known.

3) Helpful hints

these are displayed on the screen when the users are logged in eg (to keep passowrd safe ) the are very simple as remaindeing someone to change password.

4) Visual ads

these are lone source of security awarness training , one says change them often ,another says not to leave passwords lying around,another says not to leave them.

5) Promotions

security tip can appear on flyers distributed across userbase and could even go sofar to hand out pencils and/or keychains with a catchy realated security phrase or remainder.

TRAINING TOPICS

physical security

desktop security

wireless networks and security

password security

phising

hoaxes