SECURITY AWARENESS - PowerPoint PPT Presentation

About This Presentation
Title:

SECURITY AWARENESS

Slides: 11
Provided by: O762

Transcript and Presenter's Notes

1
SECURITY AWARENESS BY Oje Ikhimioya
2
DEFINITION
Awareness is a state of having perception or
knowledge. More precisely and from the IT
perspective, security awareness teaches about
that aspect of computer security that cannot be
solved using conventional hardware or software
methods. Its main focus is the human element:
THE EMPLOYEE
3
IMPORTANCE
1. Confidentiality, Integrity, Availability.
2. Cost of responding to incidents.
3. Organizations rely on Information Technology.
4. Information Security is every employee's responsibility.
5. Firewalls and IDS provide only baseline protection.
4
PROBLEMS
It is important to understand that there are several obstacles
when creating a security awareness program:
  • Difficult to implement if it is not started from
    the beginning.
  • Perception that security is for IT personnel
    only.
  • New technology/behavioral change is always hard
    to get used to.
  • Lack of follow-up.
  • Lack of organization and planning.

5
BUILDING AN EFFECTIVE SECURITY AWARENESS TRAINING
PROGRAM
To build an effective security awareness training program, the key
steps are:
1. Developing a sound, clear and precise security policy.
2. Identifying areas where there should be training by carrying out
   interviews, surveys, quizzes, etc.
3. Obtaining support from senior management/key personnel.
4. Determining the target audience. Which employee?
5. Deciding the key messages for senior management, management,
   technical people and other employees.

6
HOW TO BE EFFECTIVE
6. Deciding the means of communication, like e-mails, newsletters,
   posters, videos, reminders, etc.
7. Developing an effective implementation plan.
8. Developing an ability to measure and determine its success and/or
   failure, like having a baseline for employee understanding.
7
TOPICS TO CONSIDER
  • Passwords.
  • Physical security.
  • Social Engineering.
  • Viruses, trojans and worms (malware).
  • Spam, email and internet usage.
  • Unauthorized hardware and software.
  • Access control and backup procedures.
  • Business continuity and disaster recovery.

8
GOAL OF THE PROGRAM
  • Employees recognize their responsibility to
    protect the company's information assets.
  • Employees understand the value of information
    security.
  • Employees understand violations and who to
    contact in case of any security breach.
  • Maintaining a high level of security among
    employees.

9
HACKER VS SECURITY MANAGER
A very obvious scenario is a hacker who knows
there is no machinery in place that restricts
what employees should or should not do in terms
of information security. Social engineering is
growing and its impact cannot be
over-emphasized. The security manager is in a
better position to protect and defend the
company's information assets from external and
internal threats. Security awareness may not
totally eliminate internal security threats but
it would definitely help to block loopholes that
may serve as entry points for attacks.
10
QUESTIONS? (THE END)