Book description
Expert guidance on the art and science of driving secure behaviors
Transformational Security Awareness empowers security leaders with the information and resources they need to assemble and deliver effective world-class security awareness programs that drive secure behaviors and culture change.
When all other processes, controls, and technologies fail, humans are your last line of defense. But, how can you prepare them? Frustrated with ineffective training paradigms, most security leaders know that there must be a better way. A way that engages users, shapes behaviors, and fosters an organizational culture that encourages and reinforces security-related values. The good news is that there is hope. That’s what Transformational Security Awareness is all about.
Author Perry Carpenter weaves together insights and best practices from experts in communication, persuasion, psychology, behavioral economics, organizational culture management, employee engagement, and storytelling to create a multidisciplinary masterpiece that transcends traditional security education and sets you on the path to make a lasting impact in your organization.
- Find out what you need to know about marketing, communication, behavior science, and culture management
- Overcome the knowledge-intention-behavior gap
- Optimize your program to work with the realities of human nature
- Use simulations, games, surveys, and leverage new trends like escape rooms to teach security awareness
- Put effective training together into a well-crafted campaign with ambassadors
- Understand the keys to sustained success and ongoing culture change
- Measure your success and establish continuous improvements
Do you care more about what your employees know or what they do? It's time to transform the way we think about security awareness. If your organization is stuck in a security awareness rut, using the same ineffective strategies, materials, and information that might check a compliance box but still leaves your organization wide open to phishing, social engineering, and security-related employee mistakes and oversights, then you NEED this book.
Table of contents
- Cover
- Foreword
- Introduction
- I: The Case for Transformation
-
II: The Tools of Transformation
- 3 Marketing and Communications 101 for Security Awareness Leaders
-
4 Behavior Management 101 for Security Awareness Leaders
- Your Users Aren't Stupid, They're Human
- Thinking, Fast and Slow
- Working with Human Nature Rather Than Against
- The Nuts and Bolts of Shaping Behavior
- The Problem with Motivation
- Designing and Debugging Behavior
- Tracking Results and Measuring Effectiveness
- Key Takeaways
- Notes and References
- Additional Reading
- 5 Culture Management 101 for Security Awareness Leaders
-
6 What's in a Modern Security Awareness Leader's Toolbox?
- Content Is King: Videos, Learning Modules, and More
- Experiences: Events, Meetings, and Simulations
- Relationships: Bringing Context to Content and Experiences
- Be Intentional and Opportunistic, Always
- Use Your Metrics and Anecdotes to Help Tell and Reinforce Your Story
- Key Takeaways
- Notes and References
-
7 Voices of Transformation: Interviews with Security Awareness Vendors
- Anna Collard, Popcorn Training
- Chris Hadnagy, Social Engineer
- Drew Rose, Living Security
- Gary Berman, The CyberHero Adventures: Defenders of the Digital Universe
- Jason Hoenich, Habitu8
- Jim Shields, Twist and Shout
- Kai Roar, CLTRe
- Lisa Plaggemier, InfoSec Institute
- Masha Sedova, Elevate Security
- Stu Sjouwerman, KnowBe4
- Tom Pendergast, MediaPRO
- Winn Schwartau, The Security Awareness Company (SAC)
- Reference
-
III: The Process of Transformation
- 8 Living Your Awareness Program Through the Eyes and Lives of Your Audience
- 9 Putting It All Together
- 10 Closing Thoughts
-
11 Voices of Transformation: Interviews with Security Awareness Program Leaders
- Bruce Hallas, Marmalade Box
- Carlos Miró, MUFG Union Bank
- Dr. Cheryl O. Cooper, Sprint Corporation
- Krina Snider, Sprint
- Mark Majewski, Quicken Loans
- Michael Lattimore, Independent Consultant
- Mo Amin, Independent Consultant
- Prudence Smith, Senior Cyber and Information Security Consultant and Industry Speaker
- Thom Langford, (TL)2 Security
- Tory Dombrowski, Takeform
- Appendix: Seven Key Reminder Nudges to Help Your Recall
- Index
- End User License Agreement
Product information
- Title: Transformational Security Awareness
- Author(s):
- Release date: May 2019
- Publisher(s): Wiley
- ISBN: 9781119566342
You might also like
book
Security Awareness For Dummies
Make security a priority on your team Every organization needs a strong security program. One recent …
book
Building an Information Security Awareness Program
The best defense against the increasing threat of social engineering attacks is Security Awareness Training to …
book
Cybersecurity Leadership Demystified
Gain useful insights into cybersecurity leadership in a modern-day organization with the help of use cases …
book
Information Security Management Principles - Second edition
Commercial, personal and sensitive information is very hard to keep secure, and technological solutions are not …