What Belongs in a Security Awareness Program? – Security is also a people problem. Security awareness is as important as technical security. As I said in my other blogs, people are the last line of security, so Security Awareness Programs are crucial. In this blog, I’m going to discuss What belongs in a Security awareness training.
1 – What’s Security Awareness Program?
Essentially, security awareness training is a way to provide an appropriate level of knowledge about cybersecurity. Nowadays, security is everybody’s responsibility.
There are three lines of defence;
- The first line is your controls, how you implement security best practices and prevent compromises.
- The second line is detection, how you realize attacks or attempted breaches.
- The third line is your people, how aware your people of security and what they do to avoid being a weak link.
If the security awareness program supports providing the three lines, I can say it’s a good one. Security awareness programs are important because they reinforce that everybody is responsible for security.
2 – What Belongs in a Security Awareness Program?
There are 4 key components in the Security Awareness Program.
1 – Communication
Security should become a part of the conservation in the organization. Management teams must regularly communicate to the employees that security is important. This communication must be clear, regular, appropriate and interactive.
2 – Checklist(s)
There needs to be a checklist. The checklist will help your company stay organized when it comes to developing, maintaining and delivering a security awareness program.
Checklists should include;
- What to do when a new hire starts and when an employee leaves.
- How often to remind employees of security protocols.
- What to do when an incident happens.
- How to communicate with customers or partners when in a breach.
3 – Content
A security awareness program must have appropriate content. The content should be striking, impactive and not boring, depends on your organization structure, may include;
- Role-based guide
- Training programs
- A handbook (PDF File)
- Amusing games
4 – Controls
Security Awareness Programs should include control mechanisms such as Threat Intelligence, Incident Reporter, Phishing Simulator etc.
Controls mechanisms are the guards to prevent the car from flying off the road, ensuring that people and systems are only able to do what their roles dictate and only with the appropriate approvals.
“This post is originally published at www.keepnetlabs.com”

Teknoloji Haberleri
- Kopya çektiği için üniversiteden atıldı, hile yapmak için yapay zeka geliştirdiYapay zeka, yaratıcı ve üretken çözümler kadar, etik sınırları zorlayan girişimlere de ilham kaynağı oluyor. Hile yapmak için tasarlanmış Cluely’nin eğitim ve iş dünyasında nasıl bir tehdit oluşturduğu, yasal ve ahlaki açıdan tartışılıyor.
- Elon Musk'ın Optimus robotları, Çin'den gelen darbelere takıldıTesla'nın insansı robotu Optimus'un seri üretim hedefleri, Çin ve ABD arasındaki giderek derinleşen ticaret savaşının ve nadir toprak elementlerinin ihracat kısıtlamalarıyla en büyük darbeyi aldı.
- Netflix, Wednesday 2. sezona hazırlanıyor: İlk fragman yayınlandı!Netflix’in kült dizisi Wednesday, 2. sezonuyla geri dönüyor. Jenna Ortega’nın unutulmaz performansı, Addams ailesinin karanlık sırrı ve yeni fragmandan öne çıkan detaylar haberimizde...
- Huawei Mate X6 İncelemeKatlanabilir telefonlar, yakın gelecekte kaçınılmaz biçimde standart haline gelecek gibi görünüyor. Peki, Huawei Mate X6, ultra ince tablet formuyla bu alandaki çıtayı bir adım daha yukarı taşıyabiliyor mu? İnceledik!
- Yale Akıllı İç ve Dış Mekan Kameraları İncelemeGüvenlik çözümleri üreticisi Yale, ev güvenliğine yönelik kullanıcı dostu akıllı kamera, akıllı zil ve alarm sistemleri gibi ürünleriyle, gözünüz arkada kalmadan evinizin korunmasını sağlıyor. Peki, bu çözümlerin bir parçası olan iç ve dış mekan akıllı kameralar kullanıcılarına neler sağlıyor?