| Description |
1 online resource |
|
text file PDF rda |
| Bibliography |
Includes bibliographical references and index. |
| Contents |
At a Glance; Contents; About the Author; About the Technical Reviewer; Acknowledgments; Foreword; Chapter 1: Challenges Faced by Organizations; Effective Training Is Difficult; Knowledge Is Not Enough; Chapter 2: Active Feedback; Gamification; Active Feedback Element: Clearly Define the Goal; Active Feedback Element: Score Progress Toward the Goal; Active Feedback Element: Provide Frequent Feedback; Active Feedback Element: Habits to Reach the Goal; Active Feedback Element: Habit Coaching; Multiple Habits; Awards, Rewards, and Recognition; Gaming the System. |
|
Chapter 3: Behavioral ModificationShaping, Not Shaming; Volunteered Behaviors; Positive Reinforcement; Incident Response and Security Awareness; "That User"; Attackers Use Behavioral Tricks; Chapter 4: Persistent Training; Benefits of Persistent Training; Graduated Learning; Spaced Repetition; Integration with Active Feedback; A Warning About Persistent Training; Chapter 5: Metrics and Measures; Objective Metrics; Subjective Metrics; Chapter 6: Pro Tips; The Millennial Factor; How Near-Miss Bias Affects Security Awareness Training; Lie; Customize; The Home Front; Show Real Attacks. |
|
CopywritingMindfulness; Each One Teach One; The Attacker's Mind-Set; Chapter 7: Security Culture; Making Security as Sexy as Brushing Your Teeth; Stickers, Lipstick, Joysticks, Sticks; Create a Subculture of Change; A Vocal Team of Interconnected Volunteers; Find the Big Idea; The Five Whys; Align to Business Goals; Recruit Volunteers; Support the Volunteers; Volunteers Draft the Plan; Tell Their Stories; Rinse, Repeat; Will It Work?; Accelerate; Storebrand Case Study; Security Operation Center Case Study; Chapter 8: Take Your Program to the Next Level; Appendix A: Lessons from the Masters. |
|
Wombat Security TechnologiesPhishLine; Rapid7; Curricula; How to Implement Third-Party Training; Wombat Security Technologies' Joe Ferrara; PhishLine's Mark Chapman; Rapid7's Todd Lefkowitz; Curricula's Nick Santora; References; Index. |
| Summary |
Gain greater compliance with corporate training by addressing the heart of the very awareness vs. compliance problem: people are human. People have incredible strengths and incredible weaknesses, and as a Information Security professional, you need to recognize and devise training strategies that take advantage of both. This concise book introduces two such strategies, which combined, can take a security awareness program to the next level of effectiveness, retention, compliance, and maturity. Security policies and procedures are often times inconvenient, technically complex, and hard to understand. Advanced Persistent Training provides numerous tips from a wide range of disciplines to handle these especially difficult situations. Many information security professionals are required by regulation or policy to provide security awareness training within the companies they work for, but many believe that the resulting low compliance with training does not outweigh the costs of delivering that training. There are also many who believe that this training is crucial, if only it could be more effective. |
| Subject |
Computer security.
|
|
Computer networks -- Security measures.
|
|
Computer Science. |
|
Security. |
|
Computer Applications. |
|
Systems and Data Security. |
|
Sécurité informatique. |
|
Réseaux d'ordinateurs -- Sécurité -- Mesures. |
|
Information technology: general issues. |
|
Computer security. |
|
Computer networks -- Security measures |
|
Computer security |
| Other Form: |
Printed edition: 9781484228340 |
| ISBN |
9781484228357 (electronic bk.) |
|
1484228359 (electronic bk.) |
|
1484228340 |
|
9781484228340 |
| Standard No. |
10.1007/978-1-4842-2835-7 doi |
|
9781484228340 |
|
More Resources