
Transformational Security Awareness
What Neuroscientists, Storytellers, and Marketers Can Teach Us About Driving Secure Behaviors
- English
- ePUB (mobile friendly)
- Available on iOS & Android
Transformational Security Awareness
What Neuroscientists, Storytellers, and Marketers Can Teach Us About Driving Secure Behaviors
About this book
Expert guidance on the art and science of driving secure behaviors
Transformational Security Awareness empowers security leaders with the information and resources they need to assemble and deliver effective world-class security awareness programs that drive secure behaviors and culture change.
When all other processes, controls, and technologies fail, humans are your last line of defense. But, how can you prepare them? Frustrated with ineffective training paradigms, most security leaders know that there must be a better way. A way that engages users, shapes behaviors, and fosters an organizational culture that encourages and reinforces security-related values. The good news is that there is hope. That's what Transformational Security Awareness is all about.
Author Perry Carpenter weaves together insights and best practices from experts in communication, persuasion, psychology, behavioral economics, organizational culture management, employee engagement, and storytelling to create a multidisciplinary masterpiece that transcends traditional security education and sets you on the path to make a lasting impact in your organization.
- Find out what you need to know about marketing, communication, behavior science, and culture management
- Overcome the knowledge-intention-behavior gap
- Optimize your program to work with the realities of human nature
- Use simulations, games, surveys, and leverage new trends like escape rooms to teach security awareness
- Put effective training together into a well-crafted campaign with ambassadors
- Understand the keys to sustained success and ongoing culture change
- Measure your success and establish continuous improvements
Do you care more about what your employees know or what they do? It's time to transform the way we think about security awareness. If your organization is stuck in a security awareness rut, using the same ineffective strategies, materials, and information that might check a compliance box but still leaves your organization wide open to phishing, social engineering, and security-related employee mistakes and oversights, then you NEED this book.
Frequently asked questions
- Essential is ideal for learners and professionals who enjoy exploring a wide range of subjects. Access the Essential Library with 800,000+ trusted titles and best-sellers across business, personal growth, and the humanities. Includes unlimited reading time and Standard Read Aloud voice.
- Complete: Perfect for advanced learners and researchers needing full, unrestricted access. Unlock 1.4M+ books across hundreds of subjects, including academic and specialized titles. The Complete Plan also includes advanced features like Premium Read Aloud and Research Assistant.
Please note we cannot support devices running on iOS 13 and Android 7 or earlier. Learn more about using the app.
Information
II
The Tools of Transformation
In This Part
- Chapter 3: Marketing and Communications 101 for Security Awareness Leaders
- Chapter 4: Behavior Science 101 for Security Awareness Leaders
- Chapter 5: Culture Management 101 for Security Awareness Leaders
- Chapter 6: What's in a Modern Security Awareness Leaderâs Toolbox?
- Chapter 7: Voices of Transformation: Interviews with Security Awareness Vendors
3
Marketing and Communications 101 for Security Awareness Leaders
More than 80% of security awareness professionals have highly technical backgrounds. That's greatâthey understand the problemâbut that's bad because they're really bad at communicating the solution.Lance Spitzner, Director SANS Security Awareness1
THE ROLE OF COMMUNICATION
Communication is the glue that binds and the means of delivery. Just as security professionals provide subject matter expertise, developing an effective campaign requires individuals with good communication skills, familiarity with learning concepts, and knowledge of a variety of tools and techniques. A commonality of winning security campaigns is that the security messages are personal, emotional, and relevant. Getting these messages across also requires a mix of media, materials, and examples that are relevant to your particular environment and organization's culture.
The Communications Conundrum
Consistent with last year's report findings, the 2018 report shows that a clear majority of awareness professionals come from a technical background with less than 20% of individuals coming from non-technical fields such [as] communications, marketing, legal or human resources. While technically skilled professionals have some advantages, in that they have a solid understanding of technology and human-related risks, this can also create a challenge. These same individuals often lack the skills to effectively communicate those risks and engage employees in a way that changes behavior.
Sometimes the very best are horrible teachers.That's because they just can't remember what it's like being a beginner!Go talk to Mariah Carey and ask her how to break into the business. She doesn't know! She's been a diva for so longâshe requires that her music is played when she enters a roomâthat she has no idea what it's like to be a beginner.Love you, Mariah.Smart people have spent so many years working on something that they often forget what it's like to be a beginner.Like my computer science professor in college who once looked at my problemâwhich I was hopelessly stuck onâand he told me to âHarness the power of C.âPLEASE DIE!!!As you get more and more advanced in your career (or relationship or business or pretty much anything), it becomes h...
Table of contents
- Cover
- Table of Contents
- Foreword
- Introduction
- I: The Case for Transformation
- II: The Tools of Transformation
- III: The Process of Transformation
- Appendix: Seven Key Reminder Nudges to Help Your Recall
- Index
- End User License Agreement