Security Awareness Programs Are Not just For Compliance

Jan 16, 2014 8:35:20 PM

I see a significant gap in not only how the need for Security Awareness training is perceived as needed but also in the general quality of the programs and training delivered vs other types of training. In many cases small companies avoid security awareness training due to ignorance, cost fears, or fears it will stifle their culture of creativity. This research project is structured to give CIO’s, CISO’s, and other security and IT managers the data to motivate them to provide in security awareness training programs thereby bringing about change in their organizations.

Some of the key goals of the project are to identify, by industry:

Deltas between the quality of what IT and Security think they are delivering and what end users think are getting.
Gaps between spending on technical/job training and Awareness training.
Can/How organizations measure training effectiveness.

Sponsors of the report can receive a number of benefits including full details of findings, detailed and custom analysis of results, an executive summary with sponsor branding, distribution rights, webinar and others.

If you would like like to understand more of the benefits of sponsorship, please contact sales@emausa.com.

If you haven’t already come from there, I have put together a compelling argument on Information Security Buzz that you can see by clicking here.

Topics: Computer security IT Management Consultants David Monahan General and Freelance Information security Policy security Security Security awareness Training

Written by David Monahan

David is a senior information security executive with several years of experience. He has organized and managed both physical and information security programs, including security and network operations (SOCs and NOCs) for organizations ranging from Fortune 100 companies to local government and small public and private companies. He has diverse audit and compliance and risk and privacy experience such as providing strategic and tactical leadership to develop, architect, and deploy assurance controls; delivering process and policy documentation and training; and working on educational and technical solutions.

Last minute 2014 RSA Boycotts Hurt Attendees not RSA

Don’t Believe Everything You Read – Especially About Enterprise Mobility!

Founded in 1996, Enterprise Management Associates (EMA) is a leading industry analyst and consulting firm that specializes in going “beyond the surface” to provide deep insight across the full spectrum of IT and data management technologies. We deliver research, analysis, and consulting services to two key client groups: Enterprise IT Professionals and IT and Data Management Vendors.

For our Enterprise IT clients, we deliver in-depth research and practical advice to help them make better decisions, succeed with key projects, and align IT with business objectives. For our IT Vendor clients, we provide the deep insight required to build the right product, reach the right prospects, and establish credibility in the marketplace. This means that – unlike many firms – EMA is both in tune with how real-world IT organizations are applying IT and data management technology to solve business problems and intimately familiar with the pros and cons of available vendor solutions. Our dual focus arms us with the insight to help both audiences be more successful!

EMA Blog: Business Intelligence and IT Management