Presentation is loading. Please wait.

Presentation is loading. Please wait.

Creating an Effective Information Security Training, Education and Awareness Programme Annual ISACA Kampala Chapter Information Security Workshop Prof.

Published byMilton Phillips Modified over 9 years ago

Similar presentations

Presentation on theme: "Creating an Effective Information Security Training, Education and Awareness Programme Annual ISACA Kampala Chapter Information Security Workshop Prof."— Presentation transcript:

1 Creating an Effective Information Security Training, Education and Awareness Programme Annual ISACA Kampala Chapter Information Security Workshop Prof. Venansius Baryamureeba

2 Background Paradigm shift impact Urgent Concerns Information Security Threats Current Training Focus Training and awareness change What can be done? Focus of Training Needs Contents

3 Background Information Security  What is it? Safe guarding information from unauthorized access whether digital or non digital  Is a more serious issue due to advancement in technology and more use of digital information  More and more information is becoming virtual and in the hands of the unknown Paradigm shift Work habits (physical –> ubiquitous) Personal security –> organizational security

4 Paradigm shift impact There is a rise in social media use and cloud based services  Increases the risks of being attacked through social avenues  Provides an opportunity for the unknown to use and interact with your data, information Economical and social aspects Hacking has become a job for people Hacking is used for revenge, fighting capitalism and something for people to feel proud of

5 Urgent Concerns Work life and social life are intertwined  Social web applications are becoming the norm for collaboration and communication  Less regulation in the mix of work and social life  Tracking what your colleagues are sharing and exchanging  Working from home or ubiquitous working is on the increase Policies and strategies Privacy controls and copyright Access to the ever growing amounts of personal data on people’s profile Assurance on proper use of personal data by custodians

6 Information Security Threats Hacking Click jacking attacks and malware Agile nature of organizations Privacy and copyright abuse Managing social media and work life Virtual neighbor (who exactly is that?) Data leakage through mobile devices Security department and other organizational departments not talking Ignorance

7 Current Training Focus Security policies and training  Focus solely on technology and software that runs it  Less attention on the humans that use it, develop it, sell it and the environment around it  Advanced employee behavior during use of technology Organizational security strategies Training has not entirely focused on the specific security strategies developed for the organization Security of work processes and practices has not been offered priority

8 Training and awareness change Information Security Training Paradigm Shift Agile nature of organizations Advancement in Information Technology Economical Aspects Social Aspects Focus on Humans

9 What can be done? Organizations need to evaluate their understanding of Information Security Constantly develop and redevelop training based on level of awareness EffectiveInformation Security Training andAwareness Organizations need to determine the gaps in Information Security

10 19/07/12 Enhanced Information Security Information Security Awareness Appropriate content to appropriate people Information Security Benchmarking Focus on People’s attitudes and behaviors Engaging and Interactive Scenario based Make Training Culturally Relevant Focus of Training needs

11 Thank you Any Questions 19/07/12

Download ppt "Creating an Effective Information Security Training, Education and Awareness Programme Annual ISACA Kampala Chapter Information Security Workshop Prof."

Similar presentations

The Research Process.

The Research Process.
Finding the right stuff – Google v libraries – the users choice SLIC: Company Limited by Guarantee/ Registered in Scotland No.129889/Scottish Charity No.SC17886.

Finding the right stuff – Google v libraries – the users choice SLIC: Company Limited by Guarantee/ Registered in Scotland No /Scottish Charity No.SC17886.
Management’s Role in Information Security V.T. Raja, Ph.D., Oregon State University.

Management’s Role in Information Security V.T. Raja, Ph.D., Oregon State University.
Strategic Planning and the Marketing Management Process

Strategic Planning and the Marketing Management Process
STRATEGY/POLICY FOR SMMES AND COOPERTIVES Briefing to Portfolio committee on Small Business Development 11 MARCH 2015 1 Making South Africa a Global Leader.

STRATEGY/POLICY FOR SMMES AND COOPERTIVES Briefing to Portfolio committee on Small Business Development 11 MARCH Making South Africa a Global Leader.
SAM for Mobile Device Management Presenter Name. of employees spend at least some portion of their time working outside their office. Mobility is the.

SAM for Mobile Device Management Presenter Name. of employees spend at least some portion of their time working outside their office. Mobility is the.
Managing Human Resources Why Have Staff? Why Have Staff? - To advance the objectives and the mission of the organization - To advance the objectives and.

Managing Human Resources Why Have Staff? Why Have Staff? - To advance the objectives and the mission of the organization - To advance the objectives and.
McGraw-Hill/Irwin © 2005 The McGraw-Hill Companies, Inc. All rights reserved. 13 - 1 13 Chapter The Future of Training and Development.

McGraw-Hill/Irwin © 2005 The McGraw-Hill Companies, Inc. All rights reserved Chapter The Future of Training and Development.
Risk Management Vs Risk avoidance William Gillette.

Risk Management Vs Risk avoidance William Gillette.
IT Security Readings A summary of Management's Role in Information Security in a Cyber Economy and The Myth of Secure Computing.

IT Security Readings A summary of Management's Role in Information Security in a Cyber Economy and The Myth of Secure Computing.
Copyright © 2013 Pearson Education, Inc., publishing as Prentice Hall14-1 Managing Behavior In Organizations Sixth Edition Jerald Greenberg.

Copyright © 2013 Pearson Education, Inc., publishing as Prentice Hall14-1 Managing Behavior In Organizations Sixth Edition Jerald Greenberg.
 Can I do this?  How should I be looking at my department?  How are our “security” relationships?  What things could I be doing to sell our.

 Can I do this?  How should I be looking at my department?  How are our “security” relationships?  What things could I be doing to sell our.
Social Networking in Education Presented by Justin R. Clark.

Social Networking in Education Presented by Justin R. Clark.
“ Does Cloud Computing Offer a Viable Option for the Control of Statistical Data: How Safe Are Clouds” Federal Committee for Statistical Methodology (FCSM)

“ Does Cloud Computing Offer a Viable Option for the Control of Statistical Data: How Safe Are Clouds” Federal Committee for Statistical Methodology (FCSM)
Strengthening the quality of research for policy engagement in the African context – achievements and aspirations Tebogo B. Seleka Botswana Institute for.

Strengthening the quality of research for policy engagement in the African context – achievements and aspirations Tebogo B. Seleka Botswana Institute for.
Social Media Jeevan Kaur, Michael Mai, Jing Jiang.

Social Media Jeevan Kaur, Michael Mai, Jing Jiang.
Chapter 14 14-1 © 2012 Pearson Education, Inc. Publishing as Prentice Hall.

Chapter © 2012 Pearson Education, Inc. Publishing as Prentice Hall.
Credit unions use social media in a variety of ways, including marketing, providing incentives, facilitating applications for new accounts, inviting feedback.

Credit unions use social media in a variety of ways, including marketing, providing incentives, facilitating applications for new accounts, inviting feedback.
1-1 Strategic Planning and the Marketing Management Process Chapter 1 McGraw-Hill/Irwin Copyright © 2013 by The McGraw-Hill Companies, Inc. All rights.

1-1 Strategic Planning and the Marketing Management Process Chapter 1 McGraw-Hill/Irwin Copyright © 2013 by The McGraw-Hill Companies, Inc. All rights.
21 st Century 2.0 Project Creating a 21 st Century Learning Environment at Hillview School.

21 st Century 2.0 Project Creating a 21 st Century Learning Environment at Hillview School.

Similar presentations

Ads by Google