The Path to Security - Preventing User Negligence Sarah Kennedy.
-
Upload
beverly-hunt -
Category
Documents
-
view
216 -
download
1
Transcript of The Path to Security - Preventing User Negligence Sarah Kennedy.
The Path to Security - Preventing User NegligenceSarah Kennedy
Overview
How Students are TaughtHow InfoSec Professionals
TeachWhy Awareness is ImportantGoalsTools to use
How Students are Taught
How InfoSec Professionals Teach
Let someone else handle it….
Why Awareness is Important
Symantec Study states: employee negligence and system glitches account for 64% of data breaches
62% of employees think it’s acceptable to transfer corporate data outside of the company on personal devices and cloud services
Employee negligence breaches are increasing with every study performed
Training Goals
Make it personalTrain for behavior changesCatchy
Marketing style awareness
Reinforcement and Repetition Make it fun!
This is an Ultimate Repeatable Goal!
Adam Grant - Organizational Psychologist
“Wash your hands to protect yourself”
“Wash your hands to protect your patients”
“Practice information security to protect our customers”
“Use information security to protect your family”
Negative vs Positive
“Don’t or you will be reprimanded with consequences up to termination of employment.“
Don’t let someone tailgate behind you to enter the building.
Make sure you to help prevent data breaches.
Do be mindful of people attempting to follow you into the building.
Analogies
Games!
Practicing Preventative Scenarios
Lock Your Computer Tag
Main Goals for InfoSec Professionals
Information Security is everyone’s job requirement, Not just IT’s.
To protect the customers, It’s what we expect when we are the customer.
Remember: It’s Possible!
Questions?