Book Image

Transformational Security Awareness

By : Perry Carpenter
Book Image

Transformational Security Awareness

By: Perry Carpenter

Overview of this book

When all other processes, controls, and technologies fail, humans are your last line of defense. But, how can you prepare them? Transformational Security Awareness empowers security leaders with the information and resources they need to assemble and deliver effective world-class security awareness programs that drive secure behaviors and culture change. If your organization is stuck in a security awareness rut and is using the same ineffective strategies, materials, and information that might check a compliance box but still leaves your organization wide open to phishing, social engineering, and security-related employee mistakes, then you need this book. Author Perry Carpenter weaves together insights and best practices from experts in communication, persuasion, psychology, behavioral economics, organizational culture management, employee engagement, and storytelling to create a multidisciplinary masterpiece that transcends traditional security education and sets you on the path to make a lasting impact in your organization.
Table of Contents (9 chapters)

You Know Why…

If you think technology can solve your security problems, then you don't understand the problems and you don't understand the technology.

Bruce Schneier, Secrets & Lies

Ok. So, if you are reading this book, you likely already know why you need it. The world is in desperate need of better equipped security awareness leaders. The headlines and statistics make it clear that security technologies—no matter how good they become—will never be 100 percent effective. Cybercriminals will find gaps and points of ineffectiveness in the technologies and exploit them. It's the age-old arms race.

In that age-old arms race, regardless of if we are talking about computer security or physical security, cunning criminals have realized that they can effectively and reliably bypass an enemy's defensive systems by exploiting vulnerable humans. The main tactic here falls under the simple heading of social engineering: the process of getting someone...