Beschreibung:
Herold, Rebecca
This volume provides a starting point and an all-in-one resource for infosec and privacy education practitioners who are building programs for their organizations. The author applies knowledge obtained through her work in education, creating a comprehensive resource of nearly everything involved with managing an infosec and privacy training course. This book includes examples and tools from a wide range of businesses, enabling readers to select effective components that will be beneficial to their enterprises. The text progresses from the inception of an education program through development, implementation, delivery, and evaluation.
Brief History of Corporate Information Security and Privacy Awareness and Training. Why Training and Awareness Are Important. Legal and Regulatory Requirements for Training and Awareness. Incorporating Training and Awareness into Job Responsibilities and Appraisals. Common Corporate Education Mistakes. Getting Started. Establish a Baseline. Get Executive Support and Sponsorship. Identify Training and Awareness Methods. Awareness and Training Topics and Audiences. Define Your Message. Prepare Budget and Obtain Funding. Training Design and Development. Awareness Materials Design and Development. Communications. Deliver In-Person Training. Launch Awareness Activities. Evaluate Education Effectiveness. Leading Practices. Appendices.