Security Awareness
(SEC-AWARE.AE1) / ISBN: 978-1-64459-593-0
This course includes: Lessons, TestPrep, Lab, AI Tutor (Add-on)
Interactive Lessons
17+ Interactive Lessons | 71+ Exercises | 237+ Quizzes
1. Introduction
- About This Course
- False Assumptions
- Icons Used in This Course
2. Knowing How Security Awareness Programs Work
- Understanding the Benefits of Security Awareness
- Knowing How Security Awareness Programs Work
- Recognizing the Role of Awareness within a Security Program
- Disputing the Myth of the Human Firewall
3. Starting On the Right Foot: Avoiding What Doesn’t Work
- Making a Case Beyond Compliance Standards
- Treating Compliance as a Must
- Limiting the Popular Awareness Theories
- Distinguishing Social Engineering from Security Awareness
- Addressing Mental Models That Don’t Work
- Making Perfection the Stated Goal
- Measuring from the Start
- Prioritizing Program Over Product
- Choosing Substance Over Style
- Understanding the Role of Security Awareness
4. Applying the Science Behind Human Behavior and Risk Management
- Achieving Common Sense through Common Knowledge
- Borrowing Ideas from Safety Science
- Applying Accounting Practices to Security Awareness
- Applying the ABCs of Awareness
- Benefiting from Group Psychology
- Remembering That It’s All About Risk
5. Creating a Security Awareness Strategy
- Identifying the Components of an Awareness Program
- Figuring Out How to Pay for It All
6. Determining Culture and Business Drivers
- Understanding Your Organization’s Culture
- Identifying Subcultures
- Interviewing Stakeholders
- Partnering with Other Departments
7. Choosing What to Tell the Users
- Basing Topics on Business Drivers
- Incorporating Personal Awareness Topics
- Motivating Users to Do Things “Right”
- Common Topics Covered in Security Awareness Programs
8. Choosing the Best Tools for the Job
- Identifying Security Ambassadors
- Knowing the Two Types of Communications Tools
- Exploring Your Communications Arsenal
9. Measuring Performance
- Knowing the Hidden Cost of Awareness Efforts
- Meeting Compliance Requirements
- Collecting Engagement Metrics
- Measuring Improved Behavior
- Demonstrating a Tangible Return on Investment
- Recognizing Intangible Benefits of Security Awareness
- Knowing Where You Started: Day 0 Metrics
10. Assembling Your Security Awareness Program
- Knowing Your Budget
- Choosing to Implement One Program or Multiple Programs
- Gaining Support from Management
- Devising a Quarterly Delivery Strategy
- Deciding Whether to Include Phishing Simulations
- Planning Which Metrics to Collect and When
- Branding Your Security Awareness Program
11. Running Your Security Awareness Program
- Nailing the Logistics
- Getting All Required Approvals
- Getting the Most from Day 0 Metrics
- Creating Meaningful Reports
- Reevaluating Your Program
- Redesigning Your Program
- Considering Breaking News and Incidents
12. Implementing Gamification
- Understanding Gamification
- Identifying the Four Attributes of Gamification
- Figuring Out Where to Gamify Awareness
- Examining Some Tactical Gamification Examples
- Putting Together a Gamification Program
- Promoting the Program
13. Running Phishing Simulation Campaigns
- Knowing Why Phishing Simulations Matter
- Setting Goals for Your Phishing Program
- Planning a Phishing Program
- Choosing a Phishing Tool
- Implementing a Phishing Simulation Program
- Running a Phishing Simulation
- Tracking Metrics and Identifying Trends
- Dealing with Repeat Offenders
- Management Reporting
14. Ten Ways to Win Support for Your Awareness Program
- Finding Yourself a Champion
- Setting the Right Expectations
- Addressing Business Concerns
- Creating an Executive Program
- Starting Small and Simple
- Finding a Problem to Solve
- Establishing Credibility
- Highlighting Actual Incidents
- Being Responsive
- Looking for Similar Programs
15. Ten Ways to Make Friends and Influence People
- Garnering Active Executive Support
- Courting the Organization’s Influencers
- Supporting Another Project That Has Support
- Choosing Topics Important to Individuals
- Having Some Fun Events
- Don’t Promise Perfection
- Don’t Overdo the FUD Factor
- Scoring an Early Win
- Using Real Gamification
- Integrating the Organization’s Mission Statement
16. Ten Fundamental Awareness Topics
- Phishing
- Business Email Compromise
- Mobile Device Security
- Home Network and Computer Security
- Password Security
- Social Media Security
- Physical Security
- Malware and Ransomware
- Social Engineering
- It Can Happen to You
17. Ten Helpful Security Awareness Resources
- Security Awareness Special Interest Group
- CybSafe Research Library
- Cybersecurity Culture Guidelines
- RSA Conference Library
- You Can Stop Stupid
- The Work of Sidney Dekker
- Human Factors Knowledge Area
- People-Centric Security
- Human Security Engineering Consortium
- How to Run a Security Awareness Program Course