Book Image

Transformational Security Awareness

By : Perry Carpenter
Book Image

Transformational Security Awareness

By: Perry Carpenter

Overview of this book

When all other processes, controls, and technologies fail, humans are your last line of defense. But, how can you prepare them? Transformational Security Awareness empowers security leaders with the information and resources they need to assemble and deliver effective world-class security awareness programs that drive secure behaviors and culture change. If your organization is stuck in a security awareness rut and is using the same ineffective strategies, materials, and information that might check a compliance box but still leaves your organization wide open to phishing, social engineering, and security-related employee mistakes, then you need this book. Author Perry Carpenter weaves together insights and best practices from experts in communication, persuasion, psychology, behavioral economics, organizational culture management, employee engagement, and storytelling to create a multidisciplinary masterpiece that transcends traditional security education and sets you on the path to make a lasting impact in your organization.
Table of Contents (9 chapters)

Appendix: Seven Key Reminder Nudges to Help Your Recall

  1. The three realities of security awareness
    • Just because I'm aware doesn't mean that I care.
    • If you try to work against human nature, you will fail.
    • What your people do is way more important than what they know.
  2. Trojan Horses for the Mind
    • Emotion
    • Visuals
    • Sound
    • Words and story
  3. Behavior shaping
    • System 1 versus System 2 thinking
    • Fogg Behavior Model (B=MAP)
    • Framing and context
    • Nudge theory
    • Variability of reward
    • Cialdini's principles of persuasion
  4. The power of culture lay in the fact that humans are social creatures.
  5. Think about your awareness program outreach in three areas: content, experiences, and relationships.
  6. Understand the lives, actions, and interactions of your users. Think through each point of your user's routines where you might be able to intersect.
  7. A transformational program has more in common with a conversation than it does a monologue.