Develop a Security Awareness and Training Program That Empowers End Users
Turn end users into your organization’s secret security weapon.
- The fast evolution of the cybersecurity landscape requires security training and awareness programs that are frequently updated and improved.
- Security and awareness training programs often fail to engage end users. Lack of engagement can lead to low levels of knowledge retention.
- Irrelevant or outdated training content does not properly prepare your end users to effectively defend the organization against security threats.
Our Advice
Critical Insight
- One-time, annual training is no longer sufficient for creating an effective security awareness and training program.
- By presenting security as a personal and individualized issue, you can make this new personal focus a driver for your organizational security awareness and training program.
Impact and Result
- Create a training program that delivers smaller amounts of information on a more frequent basis to minimize effort, reduce end-user training fatigue, and improve content relevance.
- Evaluate and improve your security awareness and training program continuously to keep its content up-to-date. Leverage end-user feedback to ensure content remains relevant to those who receive it.
About Info-Tech
Info-Tech Research Group is the world’s fastest-growing information technology research and advisory company, proudly serving over 30,000 IT professionals.
We produce unbiased and highly relevant research to help CIOs and IT leaders make strategic, timely, and well-informed decisions. We partner closely with IT teams to provide everything they need, from actionable tools to analyst guidance, ensuring they deliver measurable results for their organizations.
What Is a Blueprint?
A blueprint is designed to be a roadmap, containing a methodology and the tools and templates you need to solve your IT problems.
Each blueprint can be accompanied by a Guided Implementation that provides you access to our world-class analysts to help you get through the project.
Need Extra Help?
Speak With An Analyst
Get the help you need in this 2-phase advisory process. You'll receive 4 touchpoints with our researchers, all included in your membership.
Guided Implementation 1: Develop your training program
- Call 1: Build a development plan for your training program.
- Call 2: Learn best practices for the execution of development initiatives.
Guided Implementation 2: Design an effective training delivery plan
- Call 1: Identify possible delivery methods.
- Call 2: Create a training schedule.
Contributors
- Sky Sharma, CIO
- Adrien de Beaupré, Certified Instructor and Penetration Tester, SANS Institute
- Robert Hawk, Information Security Expert, xMatters, Inc.
- Steven Woodward, CEO, Cloud Perspectives
- Riddhi Patel, Information Security Analyst, National Life Group
- Blair Panasiuk, Manager of IT Operations, Dynalife
- Erich Salie, Information Security Officer
- David Shipley, Director of Strategic Initiatives, University of New Brunswick
- Paul Daley, Sr. Analyst for Security Management, Risk and Audit, Toronto District School Board
- Glen Maxfield, IT Security Manager, Workers Compensation Board of Manitoba
Design and Implement a Business-Aligned Security Program
Build an Information Security Strategy
Secure Operations in High-Risk Jurisdictions
Develop a Security Awareness and Training Program That Empowers End Users
Build, Optimize, and Present a Risk-Based Security Budget
Hire or Develop a World-Class CISO
Fast Track Your GDPR Compliance Efforts
Build a Cloud Security Strategy
Identify the Components of Your Cloud Security Architecture
Security Priorities 2022
2020 Security Priorities Report
Manage Third-Party Service Security Outsourcing
Select a Security Outsourcing Partner
Improve Security Governance With a Security Steering Committee
The First 100 Days as CISO
Determine Your Zero Trust Readiness
Cost-Optimize Your Security Budget
Threat Preparedness Using MITRE ATT&CK®
Build a Zero Trust Roadmap
Security Priorities 2023
Security Priorities 2024
Grow Your Own Cybersecurity Team