Podcast:
The Southern Fried Security Podcast
Episode:
Episode 202: Evaluating Your Security Program: Awareness & Education
Category:
Technology
Duration:
00:33:36
Publish Date:
2018-01-29 23:31:35
Description:
Episode 202 - Evaluating Your Security Program: Awareness & Education
Why Evaluate Your Program
Part of annual policy review
If you don't evaluate you will never improve
Continual review will help protect your budget
Awareness and Education is how most people in your org know the program
Threat Mapping maps the outside threats to your inside controls & tech
Communications is that final turn from the inside out
Start At The Outside and Move Your Way In
What do you think you do?
Mandatory CBLs
CyberCyberCyberStuff (Posters, Email, Swag)
Briefings and Classes
Phishing Awareness
$NOVEL_IDEA
How many people is it designed to engage?
Not how many people took the awareness, how many people were ENGAGED?
How many people were actually engaged?
How did they do? (CBL completions, % phished, reviews, etc)
If CBL_Completion = 15(clicks) then you may want to rethink that
0% phished is not a sign of a great security program...more likely a sign of a bad phishing program
If there is no way to allow for anonymous reviews of training/briefings/etc then you're not likely to get fully honest reviews (Who wants to piss off security?)
Are you being honest with yourself?
How do you measure it?
Measuring Awareness & Education
Don't change the measurement...change the program
The key to long term success is consistently measuring the same thing over time
You may want to update goals (up or down) but be able to explain why especially if you are making the test easier
Big changes in delivery will skew the numbers in ways you likely will not like
Constant large turmoil is counter to most corporate cultures
Small changes take advantage of previous investments best
"Iterate small and grow larger" - doing too much too fast almost always ends in highly suboptimal results over time
Don't make drastic changes until Year 3 unless you have to make drastic changes
Clearly failing components should be axed and replaced and not tweaked around the edges - especially if there's a compliance or safety aspect
Adjusting The Program
If this feels like "Wash, Rinse, Repeat" it's because it is "Wash, Rinse, Repeat"