
Managing an Information Security and Privacy Awareness and Training Program
Rebecca Herold (Author)
CRC Press
2nd Edition
Published on 24 August 2010
Book
Hardback
568 pages
978-1-4398-1545-8 (ISBN)
Description
Starting with the inception of an education program and progressing through its development, implementation, delivery, and evaluation, Managing an Information Security and Privacy Awareness and Training Program, Second Edition provides authoritative coverage of nearly everything needed to create an effective training program that is compliant with applicable laws, regulations, and policies. Written by Rebecca Herold, a well-respected information security and privacy expert named one of the "Best Privacy Advisers in the World" multiple times by Computerworld magazine as well as a "Top 13 Influencer in IT Security" by IT Security Magazine, the text supplies a proven framework for creating an awareness and training program. It also:
Lists the laws and associated excerpts of the specific passages that require training and awareness
Contains a plethora of forms, examples, and samples in the book's 22 appendices
Highlights common mistakes that many organizations make
Directs readers to additional resources for more specialized information
Includes 250 awareness activity ideas and 42 helpful tips for trainers
Complete with case studies and examples from a range of businesses and industries, this all-in-one resource provides the holistic and practical understanding needed to identify and implement the training and awareness methods best suited to, and most effective for, your organization.
Praise for:
The first edition was outstanding. The new second edition is even better ... the definitive and indispensable guide for information security and privacy awareness and training professionals, worth every cent. As with the first edition, we recommend it unreservedly.-NoticeBored.com
Reviews / Votes
The first edition was outstanding. The new second edition is even better - an excellent textbook packed with sound advice and loads of tips to make your security awareness program pull its weight. ... engaging and stimulating, easy to read yet at the same time thought-provoking. ... chock-full of good ideas, not just theoretical concepts but solid practical advice that can be put to use immediately. A side effect is that there are lots of lists, tables and bullet points but they are well structured and succinctly summarize the key points. ... an excellent reference text. Extensive appendices (130 pages) include sample awareness materials and plans, a security glossary, various checklist/questionnaires and references. This is the definitive and indispensable guide for information security and privacy awareness and training professionals, worth every cent. As with the first edition, we recommend it unreservedly.-NoticeBored.com
This book is remarkable because it covers in detail all the facets of providing effective security awareness training ... I can, without reservation, recommend use of this book to any organization faced with the need to develop a successful training and awareness program. It surely provides everything you need to know to create a real winner.-Hal Tipton, from the Foreword
Rebecca Herold has the answers in her definitive book on everything everybody needs to know about how to impart security awareness, training, and motivation. Motivation had been missing from the information security lexicon until Herold put it there in most thorough and effective ways ... She demonstrates that security must become a part of job performance rather than being in conflict with job performance... The power of this book also lies in applying real education theory, methods, and practice to teaching security awareness and training ... After reading this book, there is no question about the necessary and important roles of security awareness, training, and motivation.-Donn B. Parker, CISSP, from the Preface
Rebecca Herold, an independent computer security advisor, knows privacy. Not all security consultants do. In her latest book, Managing an Information Security and Privacy Awareness and Training Program, Herold has collected her best advice.-Privacy Journal
... perfect for lay and professional audiences, this is a guide not for implementing technical necessities but for getting everybody in an organization on board.-Journal of Productive Innovation
More details
Edition
2nd edition
Language
English
Place of publication
Bosa Roca
United States
Publishing group
Taylor & Francis Inc
Target group
Professional and scholarly
Academic and Professional Practice & Development
Illustrations
38 Illustrations, black and white
Dimensions
Height: 240 mm
Width: 161 mm
Thickness: 35 mm
Weight
1013 g
ISBN-13
978-1-4398-1545-8 (9781439815458)
Other editions
Additional editions

E-Book
08/2010
2nd Edition
CRC Press
€191.99
Available for download
Previous edition

Book
04/2005
1st Edition
Auerbach
€75.51
Out of print; check for a reprint
Person
Rebecca Herold, LLC, Van Meter, Iowa, USA
Content
Brief History of Corporate Information Security and Privacy Awareness and Training. Why Training and Awareness Are Important. Legal and Regulatory Requirements for Training and Awareness. Incorporating Training and Awareness into Job Responsibilities and Appraisals. Common Corporate Education Mistakes. Getting Started. Establish a Baseline. Get Executive Support and Sponsorship. Identify Training and Awareness Methods. Awareness and Training Topics and Audiences. Define Your Message. Prepare Budget and Obtain Funding. Training Design and Development. Awareness Materials Design and Development. Communications. Deliver In-Person Training. Launch Awareness Activities. Evaluate Education Effectiveness. Leading Practices. Appendices.