Information Security is Systemic
Too often we view information security as a technology issue related to policy and procedures. However, we know that people present the greatest risk. Information security is organic… a process that relies heavily on a team approach involving the managers and users of your information system. By focusing on the awareness of your team members, your system security increases.
The Weakest Link
Even with the highest quality firewalls, the best policies and procedures, and the most detailed documentation, a user can still put sensitive information in an e-mail or use “payroll” as the password for the payroll module. By presenting your policy in a manner that increases security awareness and motivates an atmosphere of cooperation towards your Acceptable Use Policy, you will reduce risk. Half the battle is helping your users recognize the important role they play in the security process.
Security Awareness Training
User Level Security Awareness Training:
We can prepare a presentation centered around your Acceptable Use Policy. We make learning the threats and vulnerabilities to information fun! Our most popular service can be as simple as an hour talk to your assembled team and can get as complex as our conducting what we call a Security Awareness Posture Assessment and following that up with a review of your Acceptable Use Policy and then the creation of both annual and ongoing awareness training strategies.
Additional Training Presentations
infotex offers other training presentations for the various levels in your organization. The presentations are customized to your exact needs.
Board-level GLBA Training:
We help the Board of Directors understand their responsibilities for IT Governance and Information Security.
General Management Awareness Training:
We provide general training to management team members summarizing what they need to know in order to help you comply with information security regulations.
Targeted Management-level Training:
infotex customizes training to the client’s specific needs. Examples: Vendor Due Diligence, Technology Risk Management, Disaster Recovery Testing, Incident Response and/or CIRT Training, Data Classification, and various policy development classes.
This is customized to the client’s specific needs. We teach our technical clients various security functions including password file analysis, in-house vulnerability assessments, laptop encryption, etc. Training is geared to your team’s technical experience!
Technology Compliance Program Development:
We also help clients develop overall training programs at all levels of the organization. These programs not only include annual compliance training at the board, steering committee, management team, and user levels, but they also include programs for ongoing awareness training and awareness activation, including monthly reminders, activation games and exercises, and comprehension testing.
Another awareness poster for YOUR customers (and users). Now that we have our own employees aware, maybe it’s time to start posting content for our customers! Download the large versions here: Awareness Poster (Portrait) Awareness Poster (Landscape) You are welcome to print out and distribute this around your office.
Intelligence agencies from five nations contributed to the new advisory… An article review. For the first time, the cybersecurity divisions of the nations in the “Five Eyes” alliance (The United States, United Kingdom, Canada, Australia and New Zealand) have released a joint advisory concerning incident response. The report, available here, does not provide a complete […]
PRESS RELEASE – FOR IMMEDIATE RELEASE BUSINESS NEWS NEW EMPLOYEE FOR INFOTEX infotex has just hired Nathan Harrell, to be a new Engagement Coordinator to assist with all communications between both current and prospective Clients. “We’re really excited to have Nate joining the team to help us keep the channels of communication open!” says Bryan […]
A Webinar-Movie Short Back by popular demand! Our Board Awareness Training program continues with this movie, entitled Vulnerability Management for Directors, that can be presented directly to your board of directors.
Nearly half of all companies expect a security issue due to telecommuting… An article review. A few months ago we discussed a warning from the Department of Homeland Security regarding hackers taking advantage of the business disruptions caused by COVID-19, and according to an article shared with us by our friend Wes Pollard it appears […]