Presentation is loading. Please wait.

Presentation is loading. Please wait.

The Path to Security - Preventing User Negligence Sarah Kennedy.

Published byBeverly Hunt Modified over 9 years ago

Similar presentations

Presentation on theme: "The Path to Security - Preventing User Negligence Sarah Kennedy."— Presentation transcript:

1 The Path to Security - Preventing User Negligence Sarah Kennedy

2 Overview  How Students are Taught  How InfoSec Professionals Teach  Why Awareness is Important  Goals  Tools to use

3 How Students are Taught

4 How InfoSec Professionals Teach

5 Let someone else handle it….

6 Why Awareness is Important  Symantec Study states: employee negligence and system glitches account for 64% of data breaches  62% of employees think it’s acceptable to transfer corporate data outside of the company on personal devices and cloud services  Employee negligence breaches are increasing with every study performed

7 Training Goals  Make it personal  Train for behavior changes  Catchy  Marketing style awareness  Reinforcement and Repetition  Make it fun!

8 This is an Ultimate Repeatable Goal!

9 Adam Grant - Organizational Psychologist “Wash your hands to protect yourself” “Wash your hands to protect your patients” “Practice information security to protect our customers” “Use information security to protect your family”

10 Negative vs Positive  “Don’t or you will be reprimanded with consequences up to termination of employment.“  Don’t let someone tailgate behind you to enter the building.  Make sure you to help prevent data breaches.  Do be mindful of people attempting to follow you into the building.

11 Analogies

12

13 Games!

14 Practicing Preventative Scenarios

15 Lock Your Computer Tag

16 Main Goals for InfoSec Professionals  Information Security is everyone’s job requirement,  Not just IT’s.  To protect the customers,  It’s what we expect when we are the customer.  Remember: It’s Possible!

17

18 Questions?

Download ppt "The Path to Security - Preventing User Negligence Sarah Kennedy."

Similar presentations

Lock Out Tag Out UNIVERSITY of N ORTHERN C OLORADO.

Lock Out Tag Out UNIVERSITY of N ORTHERN C OLORADO.
INADEQUATE SECURITY POLICIES Each covered entity and business associate must have written polices that cover all the Required and Addressable HIPAA standards.

INADEQUATE SECURITY POLICIES Each covered entity and business associate must have written polices that cover all the Required and Addressable HIPAA standards.
Part I: Making Good Online Choices

Part I: Making Good Online Choices
ECEU300 Ethics in the Workplace Why talk about Ethics? Everyone is ethical, everyone knows how to behave at work. Everyone gets it about not stealing stuff.

ECEU300 Ethics in the Workplace Why talk about Ethics? Everyone is ethical, everyone knows how to behave at work. Everyone gets it about not stealing stuff.
HIPAA. What Why Who How When What Is HIPAA? Health Insurance Portability & Accountability Act of 1996.

HIPAA. What Why Who How When What Is HIPAA? Health Insurance Portability & Accountability Act of 1996.
Security Awareness Lloyd Guyot – Steelcase Ed Jaros – Tenundra Inc. July 17, 2003.

Security Awareness Lloyd Guyot – Steelcase Ed Jaros – Tenundra Inc. July 17, 2003.
What’s Next What We believe Who We Are Cloud Computing Big data Mobility Social Enterprise.

What’s Next What We believe Who We Are Cloud Computing Big data Mobility Social Enterprise.
Component 16/Unit 5 Health IT Workforce Curriculum Version 1/Fall 2010 1 Professionalism/Customer Service in the Health Environment Unit 5 Regulatory Issues:

Component 16/Unit 5 Health IT Workforce Curriculum Version 1/Fall Professionalism/Customer Service in the Health Environment Unit 5 Regulatory Issues:
Acceptable Use Policy Quiz Boston Public Schools Technology Awareness Initiative.

Acceptable Use Policy Quiz Boston Public Schools Technology Awareness Initiative.
Proprietary & Confidential | For Internal Use Only Safety Orientation for New Employees ENGL-2100 Project 2, Option 3 To: Professor Laryssa Waldron and.

Proprietary & Confidential | For Internal Use Only Safety Orientation for New Employees ENGL-2100 Project 2, Option 3 To: Professor Laryssa Waldron and.
Lifelong Learning Institute Customer Service Training Welcome to:

Lifelong Learning Institute Customer Service Training Welcome to:
Terry Ray VP Global Security Engineering The Insider's View To Insider Threats © 2012 Imperva, Inc. All rights reserved.

Terry Ray VP Global Security Engineering The Insider's View To Insider Threats © 2012 Imperva, Inc. All rights reserved.
Islande Transportation Lynn, MA 01902 (617)861-1694.

Islande Transportation Lynn, MA (617)
ESCCO Data Security Training David Dixon September 2014.

ESCCO Data Security Training David Dixon September 2014.
1 General Awareness Training Security Awareness Module 1 Overview and Requirements.

1 General Awareness Training Security Awareness Module 1 Overview and Requirements.
AtomPark Software is founded in 2001. The head office is located in Saint-Petersburg, Russia. Company is officially registered in the United States. AtomPark.

AtomPark Software is founded in The head office is located in Saint-Petersburg, Russia. Company is officially registered in the United States. AtomPark.
Industrial/Organizational PSYCHOLOGY Is the scientific study of human behavior in the work place and applies psychological theories and principles to organization.

Industrial/Organizational PSYCHOLOGY Is the scientific study of human behavior in the work place and applies psychological theories and principles to organization.
Lesson 1: Knowing Yourself Module 3: FINDING A JOB.

Lesson 1: Knowing Yourself Module 3: FINDING A JOB.
 INADEQUATE SECURITY POLICIES ›Each covered entity and business associate must have written polices that cover all the Required and Addressable HIPAA.

 INADEQUATE SECURITY POLICIES ›Each covered entity and business associate must have written polices that cover all the Required and Addressable HIPAA.
Information Security 101 Five things you should learn to protect your data and privacy February 26/27, 2014.

Information Security 101 Five things you should learn to protect your data and privacy February 26/27, 2014.

Similar presentations

Ads by Google