Next week is Global Security Week!
Do you have anything planned for your organization to help raise the awareness of all types of security issues?
Here are a few ideas I wanted to pass along to you…
1) For all your employees, and family members, for that matter…
Point all your employees and relatives to a great, entertaining but effective online video about password security (thanks for the link, Alec!).
There are some other good videos on this site as well.
2) For all your employees….
Send out a message to them each day of the week, either by posting to your information security and privacy intranet site, or via email message, whichever is most appropriate and effective for your organization, a tip about a different topic each week. For example, for each day of the week you could send a message about…
* Monday: Social engineering, including an example of a recent scam, such as the ones I blogged about here and here.
* Tuesday: Proper disposal of information, including an example of a recent incident, such as the ones I blogged about here and here.
* Wednesday: Medical Identity Theft, provide information to help raise the awareness of this important issue, along with providing information that will help your personnel to more effectively protect themselves from being victims of medical identity theft. Point them to a great site on this topic, such as here.
* Thursday: Identity theft, including an example of a recent scam, such as here.
Also, provide your personnel with some sites where they can get more information about identity theft prevention, such as the FTC…it has a really great site.
* Friday: Keeping safe in social networking sites, including an example of a recent incident, such as the ones I blogged about here and here.
3) For all your employees…
Give them each a short book or other type of reference about information security. For example…
* You could give each of your personal a copy a great small book, such as “Computer Security: 20 Things Every Employee Should Know ” by Ben Rothke.
I think you can work out a bulk purchase deal with the publisher; check directly with them to find out.
* Another one to consider is “Information Protection Made Easy” by Dave Lineman.
It’s possible this may also have bulk rates.
4) For all your employees…
Go to the library and check out a DVD to show that is related to cyber crime…or even crime in general, such as the one that I described here.
Here is a short list from the many possible that you could show:
- Sneakers. Robert Redford, Sidney Poitier
- Enemy of the State. Will Smith
- Swordfish. John Travolta, Hugh Jackman
- Anti-Trust. Tim Robbins
- The Net. Sandra Bullock
- Track Down. Skeet Ulrich (movie version of the hunt for Kevin Mitnick)
- PBS documentaries, many from the Frontline series, such as The Cuckoo’s Egg or Cyber War!; also the Online NewsHour features, such as Regulating Internet Privacy or Conversation on Privacy.
- Discovery Channel documentaries, such as Project Security: Wireless Security System or Hackers: Methods of Attack and Defense.
- Reports from news programs such as 60 Minutes, 48 Hours, Nightline,and so on
5) For your IT folks…
Ask them to listen to one of the many great podcasts that are freely downloadable about how to build more secure applications and systems. For example, here are a few to consider…
* For advice and information about de-identifying and masking data to use for test and development I’ve done a couple of podcasts; see…
Data De-identification and Masking Methods and
What IT Leaders Need to Know About Using Production Data for Testing
* For a wide range of security topics, point them to one of Mike Rothman’s podcasts, and/or one of Kevin Beaver’s podcasts, be sure to scroll down to see the many free ones he has.
I’ll provide a few more ideas for Global Security Week in the coming days.
I list 142 different awareness activities for you to choose from within my book, “Managing an Information Security and Privacy Awareness and Training Program” that was published in 2005. I’ve got that list up to 200 now. 🙂
Got an idea for Global Security Week? Please share it!
Tags: awareness and training, cybercrime, Global Security Week, Information Security, IT compliance, IT training, policies and procedures, privacy training, risk management, security training