Creating an Effective Information Security Training, Education and Awareness Programme Annual ISACA Kampala Chapter Information Security Workshop Prof.

Presentation transcript:

Creating an Effective Information Security Training, Education and Awareness Programme Annual ISACA Kampala Chapter Information Security Workshop Prof. Venansius Baryamureeba

Contents
- Background
- Paradigm shift impact
- Urgent Concerns
- Information Security Threats
- Current Training Focus
- Training and awareness change
- What can be done?
- Focus of Training Needs

Background
- Information Security
  - What is it? Safeguarding information from unauthorized access, whether digital or non-digital
  - Is a more serious issue due to advancement in technology and more use of digital information
  - More and more information is becoming virtual and in the hands of the unknown
- Paradigm shift
- Work habits (physical –> ubiquitous)
- Personal security –> organizational security

Paradigm shift impact
- There is a rise in social media use and cloud-based services
  - Increases the risks of being attacked through social avenues
  - Provides an opportunity for the unknown to use and interact with your data and information
- Economical and social aspects
- Hacking has become a job for people
- Hacking is used for revenge, fighting capitalism and something for people to feel proud of

Urgent Concerns
- Work life and social life are intertwined
  - Social web applications are becoming the norm for collaboration and communication
  - Less regulation in the mix of work and social life
  - Tracking what your colleagues are sharing and exchanging
  - Working from home or ubiquitous working is on the increase
- Policies and strategies
- Privacy controls and copyright
- Access to the ever-growing amounts of personal data on people's profiles
- Assurance on proper use of personal data by custodians

Information Security Threats
- Hacking
- Clickjacking attacks and malware
- Agile nature of organizations
- Privacy and copyright abuse
- Managing social media and work life
- Virtual neighbor (who exactly is that?)
- Data leakage through mobile devices
- Security department and other organizational departments not talking
- Ignorance

Current Training Focus
- Security policies and training
  - Focus solely on technology and software that runs it
  - Less attention on the humans that use it, develop it, sell it and the environment around it
  - Advanced employee behavior during use of technology
- Organizational security strategies
- Training has not entirely focused on the specific security strategies developed for the organization
- Security of work processes and practices has not been offered priority

Training and awareness change
- Information Security Training Paradigm Shift
- Agile nature of organizations
- Advancement in Information Technology
- Economical Aspects
- Social Aspects
- Focus on Humans

What can be done?
- Organizations need to evaluate their understanding of Information Security
- Constantly develop and redevelop training based on level of awareness
- Effective Information Security Training and Awareness
- Organizations need to determine the gaps in Information Security

Focus of Training needs (19/07/12)
- Enhanced Information Security
- Information Security Awareness
- Appropriate content to appropriate people
- Information Security Benchmarking
- Focus on People’s attitudes and behaviors
- Engaging and Interactive
- Scenario based
- Make Training Culturally Relevant

Thank you
Any Questions