SlideShare a Scribd company logo
Why an Information Security Awareness Program is needed in an Information Communications Technology Environment
Information Security Vision ,[object Object]
AGENDA ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
The Need for a Program ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],Symantec
The Security Gap ,[object Object],[object Object],[object Object],[object Object],[object Object]
Laws – Regulations – Guidelines ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],Porter Post Accreditation Activities Accreditation Process Certification Process Organization’s Security Policies and Programs Security Standards & Best Practices Laws & Regulations
Security Awareness Program ,[object Object],[object Object],[object Object],[object Object]
Security Awareness Program Objective ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
ROI from Security Awareness ,[object Object],[object Object],[object Object],[object Object],[object Object]
Risk Management ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],G.A.I.S.P. Designs operational components of solution and estimates operating costs Information Technology: Operations Designs technical solutions and estimates engineering costs Information Technology: Engineering Determines probability of impact on business assets Information Security Group Determines value of business assets Business Owner Responsibility Role
Information Security Drivers ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
Conclusion  Businesses must protect the confidentiality, integrity, and availability of information in today’s highly networked systems environment. An effective IT security awareness, training and education program, as part of the overall IT security program, gives users the needed tools and information to protect an businesses vital information resources.

More Related Content

What's hot

Information security awareness, middle management
Information security awareness, middle managementInformation security awareness, middle management
Information security awareness, middle management
haneen Emeir, CISA, ISO27001
 
Information Security Awareness Training by Mount Auburn Hospital
Information Security Awareness Training by Mount Auburn HospitalInformation Security Awareness Training by Mount Auburn Hospital
Information Security Awareness Training by Mount Auburn Hospital
Atlantic Training, LLC.
 
Security Awareness Training - For Companies With Access to NYS "Sensitive" In...
Security Awareness Training - For Companies With Access to NYS "Sensitive" In...Security Awareness Training - For Companies With Access to NYS "Sensitive" In...
Security Awareness Training - For Companies With Access to NYS "Sensitive" In...
David Menken
 
IT Security Awarenesss by Northern Virginia Community College
IT Security Awarenesss by Northern Virginia Community CollegeIT Security Awarenesss by Northern Virginia Community College
IT Security Awarenesss by Northern Virginia Community College
Atlantic Training, LLC.
 
Security Awareness Training
Security Awareness TrainingSecurity Awareness Training
Security Awareness Training
William Mann
 
Security awareness
Security awarenessSecurity awareness
Security awareness
Josh Chandler
 
information security awareness course
information security awareness courseinformation security awareness course
information security awareness course
Abdul Manaf Vellakodath
 
Information Security Awareness, Petronas Marketing Sudan
Information Security Awareness, Petronas Marketing SudanInformation Security Awareness, Petronas Marketing Sudan
Information Security Awareness, Petronas Marketing Sudan
Ahmed Musaad
 
Cyber security awareness for end users
Cyber security awareness for end usersCyber security awareness for end users
Cyber security awareness for end users
NetWatcher
 
ICT and end user security awareness slides
ICT and end user security awareness slidesICT and end user security awareness slides
ICT and end user security awareness slides
jubke
 
Cyber security awareness training by cyber security infotech(csi)
Cyber security awareness training by cyber security infotech(csi)Cyber security awareness training by cyber security infotech(csi)
Cyber security awareness training by cyber security infotech(csi)
Cyber Security Infotech
 
Employee Security Awareness Program
Employee Security Awareness ProgramEmployee Security Awareness Program
Employee Security Awareness Program
davidcurriecia
 
Information Security Awareness Training
Information Security Awareness TrainingInformation Security Awareness Training
Information Security Awareness Training
Randy Bowman
 
User security awareness
User security awarenessUser security awareness
User security awareness
K. A. M Lutfullah
 
It security and awareness training 5 10-2018
It security and awareness training 5 10-2018It security and awareness training 5 10-2018
It security and awareness training 5 10-2018
jubke
 
Customer information security awareness training
Customer information security awareness trainingCustomer information security awareness training
Customer information security awareness training
AbdalrhmanTHassan
 
GRRCON 2013: Imparting security awareness to all levels of users
GRRCON 2013: Imparting security awareness to all levels of usersGRRCON 2013: Imparting security awareness to all levels of users
GRRCON 2013: Imparting security awareness to all levels of users
Joel Cardella
 
Security and control in mis
Security and control in misSecurity and control in mis
Security and control in mis
Gurjit
 
Information Security Basics for Businesses and Individuals
Information Security Basics for Businesses and IndividualsInformation Security Basics for Businesses and Individuals
Information Security Basics for Businesses and Individuals
Josh Moulin, MSISA,CISSP
 
Information security awareness training
Information security awareness trainingInformation security awareness training
Information security awareness training
Sandeep Taileng
 

What's hot (20)

Information security awareness, middle management
Information security awareness, middle managementInformation security awareness, middle management
Information security awareness, middle management
 
Information Security Awareness Training by Mount Auburn Hospital
Information Security Awareness Training by Mount Auburn HospitalInformation Security Awareness Training by Mount Auburn Hospital
Information Security Awareness Training by Mount Auburn Hospital
 
Security Awareness Training - For Companies With Access to NYS "Sensitive" In...
Security Awareness Training - For Companies With Access to NYS "Sensitive" In...Security Awareness Training - For Companies With Access to NYS "Sensitive" In...
Security Awareness Training - For Companies With Access to NYS "Sensitive" In...
 
IT Security Awarenesss by Northern Virginia Community College
IT Security Awarenesss by Northern Virginia Community CollegeIT Security Awarenesss by Northern Virginia Community College
IT Security Awarenesss by Northern Virginia Community College
 
Security Awareness Training
Security Awareness TrainingSecurity Awareness Training
Security Awareness Training
 
Security awareness
Security awarenessSecurity awareness
Security awareness
 
information security awareness course
information security awareness courseinformation security awareness course
information security awareness course
 
Information Security Awareness, Petronas Marketing Sudan
Information Security Awareness, Petronas Marketing SudanInformation Security Awareness, Petronas Marketing Sudan
Information Security Awareness, Petronas Marketing Sudan
 
Cyber security awareness for end users
Cyber security awareness for end usersCyber security awareness for end users
Cyber security awareness for end users
 
ICT and end user security awareness slides
ICT and end user security awareness slidesICT and end user security awareness slides
ICT and end user security awareness slides
 
Cyber security awareness training by cyber security infotech(csi)
Cyber security awareness training by cyber security infotech(csi)Cyber security awareness training by cyber security infotech(csi)
Cyber security awareness training by cyber security infotech(csi)
 
Employee Security Awareness Program
Employee Security Awareness ProgramEmployee Security Awareness Program
Employee Security Awareness Program
 
Information Security Awareness Training
Information Security Awareness TrainingInformation Security Awareness Training
Information Security Awareness Training
 
User security awareness
User security awarenessUser security awareness
User security awareness
 
It security and awareness training 5 10-2018
It security and awareness training 5 10-2018It security and awareness training 5 10-2018
It security and awareness training 5 10-2018
 
Customer information security awareness training
Customer information security awareness trainingCustomer information security awareness training
Customer information security awareness training
 
GRRCON 2013: Imparting security awareness to all levels of users
GRRCON 2013: Imparting security awareness to all levels of usersGRRCON 2013: Imparting security awareness to all levels of users
GRRCON 2013: Imparting security awareness to all levels of users
 
Security and control in mis
Security and control in misSecurity and control in mis
Security and control in mis
 
Information Security Basics for Businesses and Individuals
Information Security Basics for Businesses and IndividualsInformation Security Basics for Businesses and Individuals
Information Security Basics for Businesses and Individuals
 
Information security awareness training
Information security awareness trainingInformation security awareness training
Information security awareness training
 

Similar to Isa Prog Need L

Empowering Employees for Cyber Resilience: A Guide to Strengthening Your Orga...
Empowering Employees for Cyber Resilience: A Guide to Strengthening Your Orga...Empowering Employees for Cyber Resilience: A Guide to Strengthening Your Orga...
Empowering Employees for Cyber Resilience: A Guide to Strengthening Your Orga...
Richard Lawson
 
Chapter 6 Security of Information and Cyber Security(FASS)
Chapter 6 Security of Information and Cyber Security(FASS)Chapter 6 Security of Information and Cyber Security(FASS)
Chapter 6 Security of Information and Cyber Security(FASS)
Md Shaifullar Rabbi
 
Cyber-Security-Whitepaper.pdf
Cyber-Security-Whitepaper.pdfCyber-Security-Whitepaper.pdf
Cyber-Security-Whitepaper.pdf
Anil
 
Cyber-Security-Whitepaper.pdf
Cyber-Security-Whitepaper.pdfCyber-Security-Whitepaper.pdf
Cyber-Security-Whitepaper.pdf
Anil
 
D1 security and risk management v1.62
D1 security and risk management  v1.62D1 security and risk management  v1.62
D1 security and risk management v1.62
AlliedConSapCourses
 
Meraj Ahmad - Information security in a borderless world
Meraj Ahmad - Information security in a borderless worldMeraj Ahmad - Information security in a borderless world
Meraj Ahmad - Information security in a borderless world
nooralmousa
 
Prevention Is Better Than Prosecution: Deepening the defence against cyber c...
Prevention Is Better Than Prosecution:  Deepening the defence against cyber c...Prevention Is Better Than Prosecution:  Deepening the defence against cyber c...
Prevention Is Better Than Prosecution: Deepening the defence against cyber c...
Jacqueline Fick
 
Fissea09 mgupta-day3-panel process-program-build-effective-training
Fissea09 mgupta-day3-panel process-program-build-effective-trainingFissea09 mgupta-day3-panel process-program-build-effective-training
Fissea09 mgupta-day3-panel process-program-build-effective-training
Swati Gupta
 
Ch3 cism 2014
Ch3 cism 2014Ch3 cism 2014
Ch3 cism 2014
Aladdin Dandis
 
IT Risk Management & Leadership 30 March - 02 April 2014 Dubai UAE
IT Risk Management & Leadership 30 March - 02 April 2014 Dubai UAEIT Risk Management & Leadership 30 March - 02 April 2014 Dubai UAE
IT Risk Management & Leadership 30 March - 02 April 2014 Dubai UAE
360 BSI
 
Cissp- Security and Risk Management
Cissp- Security and Risk ManagementCissp- Security and Risk Management
Cissp- Security and Risk Management
Hamed Moghaddam
 
Cybersecurity Management: Preventing Data Breaches in the Age of Big Data, 25...
Cybersecurity Management: Preventing Data Breaches in the Age of Big Data, 25...Cybersecurity Management: Preventing Data Breaches in the Age of Big Data, 25...
Cybersecurity Management: Preventing Data Breaches in the Age of Big Data, 25...
360 BSI
 
Developing an Information Security Program
Developing an Information Security ProgramDeveloping an Information Security Program
Developing an Information Security Program
Shauna_Cox
 
PCI DSS Compliance and Security: Harmony or Discord?
PCI DSS Compliance and Security: Harmony or Discord?PCI DSS Compliance and Security: Harmony or Discord?
PCI DSS Compliance and Security: Harmony or Discord?
Lumension
 
Fundamentals of-information-security
Fundamentals of-information-security Fundamentals of-information-security
Fundamentals of-information-security
madunix
 
Why ISO 27001 for an Organisation
Why ISO 27001 for an OrganisationWhy ISO 27001 for an Organisation
Why ISO 27001 for an Organisation
Syed Azher
 
Convergence innovative integration of security
Convergence   innovative integration of securityConvergence   innovative integration of security
Convergence innovative integration of security
ciso_insights
 
The Crucial Role of Security Testing Services in Ensuring a Secure and Effici...
The Crucial Role of Security Testing Services in Ensuring a Secure and Effici...The Crucial Role of Security Testing Services in Ensuring a Secure and Effici...
The Crucial Role of Security Testing Services in Ensuring a Secure and Effici...
AmeliaJonas2
 
Infocon Bangladesh 2016
Infocon Bangladesh 2016Infocon Bangladesh 2016
Infocon Bangladesh 2016
Prime Infoserv
 
II Security At Microsoft
II Security At MicrosoftII Security At Microsoft
II Security At Microsoft
Mark J. Feldman
 

Similar to Isa Prog Need L (20)

Empowering Employees for Cyber Resilience: A Guide to Strengthening Your Orga...
Empowering Employees for Cyber Resilience: A Guide to Strengthening Your Orga...Empowering Employees for Cyber Resilience: A Guide to Strengthening Your Orga...
Empowering Employees for Cyber Resilience: A Guide to Strengthening Your Orga...
 
Chapter 6 Security of Information and Cyber Security(FASS)
Chapter 6 Security of Information and Cyber Security(FASS)Chapter 6 Security of Information and Cyber Security(FASS)
Chapter 6 Security of Information and Cyber Security(FASS)
 
Cyber-Security-Whitepaper.pdf
Cyber-Security-Whitepaper.pdfCyber-Security-Whitepaper.pdf
Cyber-Security-Whitepaper.pdf
 
Cyber-Security-Whitepaper.pdf
Cyber-Security-Whitepaper.pdfCyber-Security-Whitepaper.pdf
Cyber-Security-Whitepaper.pdf
 
D1 security and risk management v1.62
D1 security and risk management  v1.62D1 security and risk management  v1.62
D1 security and risk management v1.62
 
Meraj Ahmad - Information security in a borderless world
Meraj Ahmad - Information security in a borderless worldMeraj Ahmad - Information security in a borderless world
Meraj Ahmad - Information security in a borderless world
 
Prevention Is Better Than Prosecution: Deepening the defence against cyber c...
Prevention Is Better Than Prosecution:  Deepening the defence against cyber c...Prevention Is Better Than Prosecution:  Deepening the defence against cyber c...
Prevention Is Better Than Prosecution: Deepening the defence against cyber c...
 
Fissea09 mgupta-day3-panel process-program-build-effective-training
Fissea09 mgupta-day3-panel process-program-build-effective-trainingFissea09 mgupta-day3-panel process-program-build-effective-training
Fissea09 mgupta-day3-panel process-program-build-effective-training
 
Ch3 cism 2014
Ch3 cism 2014Ch3 cism 2014
Ch3 cism 2014
 
IT Risk Management & Leadership 30 March - 02 April 2014 Dubai UAE
IT Risk Management & Leadership 30 March - 02 April 2014 Dubai UAEIT Risk Management & Leadership 30 March - 02 April 2014 Dubai UAE
IT Risk Management & Leadership 30 March - 02 April 2014 Dubai UAE
 
Cissp- Security and Risk Management
Cissp- Security and Risk ManagementCissp- Security and Risk Management
Cissp- Security and Risk Management
 
Cybersecurity Management: Preventing Data Breaches in the Age of Big Data, 25...
Cybersecurity Management: Preventing Data Breaches in the Age of Big Data, 25...Cybersecurity Management: Preventing Data Breaches in the Age of Big Data, 25...
Cybersecurity Management: Preventing Data Breaches in the Age of Big Data, 25...
 
Developing an Information Security Program
Developing an Information Security ProgramDeveloping an Information Security Program
Developing an Information Security Program
 
PCI DSS Compliance and Security: Harmony or Discord?
PCI DSS Compliance and Security: Harmony or Discord?PCI DSS Compliance and Security: Harmony or Discord?
PCI DSS Compliance and Security: Harmony or Discord?
 
Fundamentals of-information-security
Fundamentals of-information-security Fundamentals of-information-security
Fundamentals of-information-security
 
Why ISO 27001 for an Organisation
Why ISO 27001 for an OrganisationWhy ISO 27001 for an Organisation
Why ISO 27001 for an Organisation
 
Convergence innovative integration of security
Convergence   innovative integration of securityConvergence   innovative integration of security
Convergence innovative integration of security
 
The Crucial Role of Security Testing Services in Ensuring a Secure and Effici...
The Crucial Role of Security Testing Services in Ensuring a Secure and Effici...The Crucial Role of Security Testing Services in Ensuring a Secure and Effici...
The Crucial Role of Security Testing Services in Ensuring a Secure and Effici...
 
Infocon Bangladesh 2016
Infocon Bangladesh 2016Infocon Bangladesh 2016
Infocon Bangladesh 2016
 
II Security At Microsoft
II Security At MicrosoftII Security At Microsoft
II Security At Microsoft
 

Isa Prog Need L

  • 1. Why an Information Security Awareness Program is needed in an Information Communications Technology Environment
  • 2.
  • 3.
  • 4.
  • 5.
  • 6.
  • 7.
  • 8.
  • 9.
  • 10.
  • 11.
  • 12. Conclusion Businesses must protect the confidentiality, integrity, and availability of information in today’s highly networked systems environment. An effective IT security awareness, training and education program, as part of the overall IT security program, gives users the needed tools and information to protect an businesses vital information resources.