Re: RE: Annual Security Awareness program

[viveksilla () gmail com]

User awareness is an essential component of security and all orgaizations should take steps to reduce the risk from 
People element.
To my knowledge, security awarnesss is a part of induction program in most of the organizations. 
Many organizations do conduct periodic awareness programs, but when it is an essential point for regulatory compliance, 
all organizations have to.
Though classroom kind of sessions could be most effective, the practicality of conducting such sessions atleast once in 
a year should also be seen considering the headcounts.
Though probably less effective, but more practical method could be the use of Computer Based Trainings, which many 
organizations do adopt to ensure compliance. 
Though there might not be any silver bullet, but a mix of Periodic broadcasts, Eye Catching posters at key locations, 
Security wall papers on all machines, periodic floor sessions as well as CBTs might result in effective user awareness 
while ensuring regulatory compliance.

Regards
Vivek Silla a.k.a V1cky 8@8@

------------------------------------------------------------------------
This list is sponsored by: InfoSec Institute

Find the source of cybercrime! Almost every crime today involves a computer or mobile device. Learn how to become a 
Computer Forensics Examiner in InfoSec Institute's hands-on Computer Forensics Course. Up to three industry recognized 
certs available, online computer forensics training available. 

http://www.infosecinstitute.com/courses/computer_forensics_training.html
------------------------------------------------------------------------