Book Image

Transformational Security Awareness

By : Perry Carpenter
Book Image

Transformational Security Awareness

By: Perry Carpenter

Overview of this book

When all other processes, controls, and technologies fail, humans are your last line of defense. But, how can you prepare them? Transformational Security Awareness empowers security leaders with the information and resources they need to assemble and deliver effective world-class security awareness programs that drive secure behaviors and culture change. If your organization is stuck in a security awareness rut and is using the same ineffective strategies, materials, and information that might check a compliance box but still leaves your organization wide open to phishing, social engineering, and security-related employee mistakes, then you need this book. Author Perry Carpenter weaves together insights and best practices from experts in communication, persuasion, psychology, behavioral economics, organizational culture management, employee engagement, and storytelling to create a multidisciplinary masterpiece that transcends traditional security education and sets you on the path to make a lasting impact in your organization.
Table of Contents (9 chapters)

Behavior Management 101 for Security Awareness Leaders

Security needs to be viewed through a wider lens. Beyond technology investments, security begins and ends with people: their behaviors, motivations, and habits.

Deloitte Insights1

Let's start with a question that I asked back in Chapter 1: Do you care more about what your employees know, or what they do? When it comes to the security of our organizations, actions speak louder than words. And actions speak louder than mere head knowledge. After all, it doesn't matter if your employees can verbally recite all the hallmarks of great password management if they never put that knowledge into practice. And even when your people read your flyers, posters, and newsletters on how to spot a phishing email and pass your phishing training module with flying colors, it's all worthless if they fall for a phishing attack during the hustle and bustle of real life. Actions—not head knowledge—will determine whether...