Security Awareness – Managing Human Risk
Organizations have invested a tremendous amount of money and resources into securing technology, but little if anything into securing their workforce. As a result, people, not technology, have become the most common target for cyber attackers. The most effective way to secure the human element is to establish a high-impact security awareness program that goes beyond just compliance and changes behaviors and ultimately creates a secure culture. (Online classes available)Course Key Learnings
- Master how to map and benchmark your program’s maturity against your peers’.
- Understand the Security Awareness Maturity Model and how to leverage it as the roadmap for your program
- Ensure compliance with key standards and regulations
- Implement models for learning theory, behavioral change, and cultural analysis
- Define human risk and explain the three different variables that constitute it
- Explain risk assessment processes
- Leverage the latest in Cyber Threat Intelligence and describe the most common tactics, techniques, and procedures used in today’s human-based attacks
- Identify, measure, and prioritize your human risks and define the behaviors that manage those risks
- Define what security culture is and the common indicators of a strong security culture
- Explain your organization’s overall culture and how to most effectively align cybersecurity with and embed into your organization’sculture
- Measure the impact of your program, track reduction in human risk, and how to communicate to senior leadership the value of the program.
Course Content: Module1: Fundamentals and Identifying / Prioritizing Human Risk
-
Overview
Section 1 covers the fundamentals by specifically answering what is human risk and how organizations can effectively manage it. We start with students defining the maturity of their existing program and provide a roadmap on how to improve their program maturity. We then cover critical foundations for a successful program; leadership support, a program charter, and an advisory board. We then cover the fundamentals of risk management and how that applies to managing human risk, to include models of behavior change. We finish the day with a process on how to identify and prioritize your top human risks.
Exercises
- Benchmarking your program’s maturity against your peers
- Developing and defining an Advisory Board
- Identifying your top human risks
Topics
- How to map and benchmark your programs maturity
- The five stages of the Security Awareness Maturity Model
- The fundamentals of risk and risk management
- The definition of human risk and the three variables that define it
- Why humans are so vulnerable and the latest methods cyber attackers use to exploit these vulnerabilities
- Steps to gain and maintain leadership support for your program
- How to develop and leverage an effective Advisory Board
- The B.J. Fogg Behavior Model and how it applies to your overall strategy of changing workforce behavior
- Developing a strategic plan that prioritizes your organization’s human risk, the behaviors to manage those risks, and changing those behaviors.
- A walk-through on how to conduct a human risk assessment and how to prioritize your organization’s top human risks, including leveraging the latest in Cyber Threat Intelligence (CTI).
- How to identify and manage role-based risks
Module2: Identifying and Changing Behavior
Overview
The second section begins with how to identify the key behaviors that manage your top human risks, to include defining each behavior as a learning objective. We then cover how to change behaviors at an organizational level, starting with the fundamentals of engagement and motivating change, then how to adapt your program to different demographics, cultures and regions. We then go into the many different methods and modalities to train and engage your workforce, ending with a team lab where you apply everything you have learned up to this point.
Exercises
- Identifying and prioritizing key behaviors
- Leverage the AIDA Model to engage and promote behavior change
- Putting it all together to create an engagement plan for a specific risk
Topics
- Resources for your long-term success
- Defining learning objectives and how they apply to learning theory
- How to identify and prioritize the top behaviors that manage your key human risks
- Fundamentals of engaging and changing human behavior
- Introduction of the Golden Circle and the importance of “why”
- How you can effectively create an engagement strategy leveraging marketing models
- Top tips for effective translation and localization
- The effective use of imagery, with a focus on diverse or international environments
- The two different training categories, primary and reinforcement, and the roles of each
- How to effectively develop and provide instructor-led training (ILT), virtual live training (VLT) and computer-based training (CBT)
- Different reinforcement methods, including newsletters, infographics, podcasts, microvideos and video shorts, memes, hosted speaker events, hacking demos, scavenger hunts, virtual lunch-and-learns, and numerous other training activities.
- How to create an effective, long-term incentivization program
Module3: Security Culture & Measuring Change
-
Overview
This section begins with culture, specifically defining your organization’s overall culture, what security culture is and how to embed a strong security culture into your organization’s overall culture. We then cover metrics, starting with why we want metrics and how to use them at a strategic level. We then do a deep dive into how to measure behavior and culture, then strategic metrics and then finally how to communicate the value of your program to leadership in business terms. We finish the class with how to put this all together into an actionable plan with key tips for success.
Exercises
- How to understand, define and align security with your organization’s overall culture
- How to manage and measure a specific human risk
Topics
- Career development, a series of steps you can take to grow your credibility, position and compensation.
- We explain what organizational culture is and how to define your organization’s overall culture
- We explain what security culture is, the value of a strong security culture and the most common indicators of both a weak and strong security culture.
- How to align with and embed a strong security culture into their existing overall culture.
- A deep dive into Ambassador Programs
- Fundamentals of metrics, including why we collect them and how to leverage them strategically
- How to measure behaviors and their impact to managing human risk
- How to measure culture
- Top five strategic metrics senior leaders care about the most
- How to communicate to senior leaders the value of managing human risk using risk and maturity models
- Putting an overall plan together
- Resources for success moving forward
International Student Fee: 500 US$
Stay connected even when you’re apart
Join our WhatsApp Channel – Get discount offers
500+ Free Certification Exam Practice Question and Answers
Your FREE eLEARNING Courses (Click Here)
Internships, Freelance and Full-Time Work opportunities
Join Internships and Referral Program (click for details)
Work as Freelancer or Full-Time Employee (click for details)
Flexible Class Options
- Week End Classes For Professionals SAT | SUN
- Corporate Group Trainings Available
- Online Classes – Live Virtual Class (L.V.C), Online Training
Related Courses
Leadership Essentials -Security Leadership Essentials for ManagersKEY FEATURES
Register Now
