
Building an Information Security Awareness Program
Defending Against Social Engineering and Technical Threats
Syngress (Publisher)
Published on 12 August 2014
Book
Paperback/Softback
214 pages
978-0-12-419967-5 (ISBN)
Description
The best defense against the increasing threat of social engineering attacks is Security Awareness Training to warn your organization's staff of the risk and educate them on how to protect your organization's data. Social engineering is not a new tactic, but Building an Information Security Awareness Program is the first book that shows you how to build a successful security awareness training program from the ground up.
Building an Information Security Awareness Program provides you with a sound technical basis for developing a new training program. The book also tells you the best ways to garner management support for implementing the program. Author Bill Gardner is one of the founding members of the Security Awareness Training Framework. Here, he walks you through the process of developing an engaging and successful training program for your organization that will help you and your staff defend your systems, networks, mobile devices, and data.
Forewords written by Dave Kennedy and Kevin Mitnick!
Reviews / Votes
"...a blueprint for creating a highly practical and effective awareness programme that could do so much more to protect your organisation than tens of thousands of dollars spent on shiny new security hardware." --Network Security
"...a comprehensive introduction to the human factors that have an impact on the delivery of effective security, as well as practical proposals for the defense against social engineering and technical threats." --Computing Reviews
"I have been reading about this subject for a while now and, in my modest opinion, this is one of the best books out there covering it... every chapter holds some additional, practical information about each topic." --Help Net Security
More details
Language
English
Place of publication
Rockland, MA
United States
Target group
Professional and scholarly
Information Security practitioners, and an academic audience among information security majors. Corporate sales potential for IT Managers looking to implement Security Awareness training in their organizations.
Product notice
Paperback (trade)
Unsewn / adhesive bound
Illustrations
30 illustrations
Dimensions
Height: 236 mm
Width: 189 mm
Thickness: 15 mm
Weight
463 gr
ISBN-13
978-0-12-419967-5 (9780124199675)
Copyright in bibliographic data and cover images is held by Nielsen Book Services Limited or by the publishers or by their respective licensors: all rights reserved.
Other editions

Bill Gardner | Valerie Thomas
Building an Information Security Awareness Program
Defending Against Social Engineering and Technical Threats
E-Book
08/2014
Elsevier
€45.95
Available for download
Persons
Bill Gardner is an Assistant Professor at Marshall University, where he teaches information security and foundational technology courses in the Department of Integrated Science and Technology. He is also President and Principal Security Consultant at BlackRock Consulting. In addition, Bill is Vice President and Information Security Chair at the Appalachian Institute of Digital Evidence. AIDE is a non-profit organization that provides research and training for digital evidence professionals including attorneys, judges, law enforcement officers and information security practitioners in the private sector. Prior to joining the faculty at Marshall, Bill co-founded the Hack3rCon convention, and co-founded 304blogs, and he continues to serve as Vice President of 304Geeks. In addition, Bill is a founding member of the Security Awareness Training Framework, which will be a prime target audience for this book.
Valerie Thomas is a Senior Information Security Consultant for Securicon LLC that specializes in social engineering and physical penetration testing. After obtaining her bachelor's degree in Electronic Engineering, Valerie led information security assessments for the Defense Information Systems Agency (DISA) before joining private industry. Her skill set also includes intrusion detection, endpoint protection, data loss prevention, and mobile security. Throughout her career, Valerie has conducted penetration tests, vulnerability assessments, compliance audits, and technical security training for executives, developers, and other security professionals.
Author
Bill Gardner OSCP, i-Net+, Security+, Asst. Prof. at Marshall University
Valerie Thomas C|EH, Security+, Senior Security Consultant, Securicon LLC
Content
1. What Is Security Awareness Training?
2. Why Does Your Organization Need a Security Awareness Program?
3. Getting Management Buy-In
4. Understanding Infosec Threats
5. Training Cycle
6. Training Types
7. Building Engaging Training
8. Metrics
9. Why Most Security Awareness Programs Fail
10. Current Debate on Security Awareness
11. The Security Awareness Training Framework (SATF)