Ira Winkler - Security Awareness For Dummies


Security Awareness For Dummies: summary, description and annotation


Make security a priority on your team

Every organization needs a strong security program. One recent study estimated that a hacker attack occurs somewhere every 
Since security programs are only as effective as a team’s willingness to follow their rules and protocols, it’s increasingly necessary to have not just a widely accessible gold standard of security, but also a practical plan for rolling it out and getting others on board with following it. 
 gives you the blueprint for implementing this sort of holistic and hyper-secure program in your organization. 
Written by one of the world’s most influential security professionals—and an Information Systems Security Association Hall of Famer—this pragmatic and easy-to-follow book provides a framework for creating new and highly effective awareness programs from scratch, as well as steps to take to improve on existing ones. It also covers how to measure and evaluate the success of your program and highlight its value to management. 
Customize and create your own program

Make employees aware of the importance of security

Develop metrics for success

Follow industry-specific sample programs

Cyberattacks aren’t going away anytime soon: get this smart, friendly guide on how to get a workgroup on board with their role in security and save your organization big money in the long run.

Security Awareness For Dummies: online preview excerpt

Setting the Right Expectations
Addressing Business Concerns
Creating an Executive Program
Starting Small and Simple
Finding a Problem to Solve
Establishing Credibility
Highlighting Actual Incidents
Being Responsive
Looking for Similar Programs

Chapter 14: Ten Ways to Make Friends and Influence People
Garnering Active Executive Support
Courting the Organization’s Influencers
Supporting Another Project That Has Support
Choosing Topics Important to Individuals
Having Some Fun Events
Don’t Promise Perfection
Don’t Overdo the FUD Factor
Scoring an Early Win
Using Real Gamification
Integrating the Organization’s Mission Statement

Chapter 15: Ten Fundamental Awareness Topics
Phishing
Business Email Compromise
Mobile Device Security
Home Network and Computer Security
Password Security
Social Media Security
Physical Security
Malware and Ransomware
Social Engineering
It Can Happen to You

Chapter 16: Ten Helpful Security Awareness Resources
Security Awareness Special Interest Group
CybSafe Research Library
Cybersecurity Culture Guidelines
RSA Conference Library
You Can Stop Stupid
The Work of Sydney Dekker
Human Factors Knowledge Area
People-Centric Security
Human Security Engineering Consortium
How to Run a Security Awareness Program Course

9 Appendix: Sample Questionnaire
Questions for the CISO or Similar Position
Questions for All Employees
Questions for the HR Department
Questions for the Legal Department
Questions for the Communications Department
Questions Regarding the Appropriate Person for Physical Security

10 Index

11 About the Author

12 Advertisement Page

13 Connect with Dummies

14 End User License Agreement

List of Illustrations

1 Chapter 3
FIGURE 3-1: The ABCs of awareness.
FIGURE 3-2: The ABCs of behavioral science.
FIGURE 3-3: The Forgetting Curve.

2 Chapter 9
FIGURE 9-1: A sample quarterly awareness program interspersing topics.

3 Chapter 10
FIGURE 10-1: Consolidated metrics dashboard.
FIGURE 10-2: Mobile device loss.
FIGURE 10-3: Phishing results bar graph.


Introduction

Creating security awareness among users is much more difficult and complicated than just telling them, “Bad people will try to trick you. Don’t fall for their tricks.” Not only is that advice usually insufficient, but you also have to account for much more than just bad people tricking your users. People lose equipment. They frequently know what to do, but have competing priorities. They may just not care. Relying on the user knowing what to do is not a silver bullet that creates a true firewall. However, with the right plan and strategy, you can make a measurable difference in improving user behavior. This book puts you on the right path to creating effective security awareness programs that meaningfully reduce risk to your organization.

About This Book

I started my career in cybersecurity performing social engineering and penetration tests. I put together teams of former special forces officers and intelligence operatives, and we targeted companies as nation-states would. I focused on black bag operations, which often consist of clandestine activities such as lock picking or safecracking, and otherwise infiltrating protected facilities. I went undercover to infiltrate organizations and persuade users to give me sensitive information. These operations led to the theft of reportedly billions of dollars of information and intellectual property. (I gave it all back.)

My “victims” then had me go back to their organizations and tell the stories about what I did, as a form of security awareness. The users were mesmerized by my stories. I heard about some successes in improved awareness, but when I went back for further assessments, the reality was that no real improvement had occurred. Just telling stories and telling people what not to do has limited impact.

Over two decades, I created and supported dozens, if not hundreds, of awareness programs for organizations of all types and sizes. I was able to see what worked best and what didn’t. I found that many of the common beliefs and strategies just didn’t work. They sounded great, but they were specious.
