Information Security Education & Best Practice
Corporate information security awareness is a critical element of any successful security policy.
It is generally accepted that sound security is reliant upon a balance between the implementation of sound security policy and its enforcement, sensible application of security technology, and management of the overall security programme. However, even the best security programme is undermined if those who operate it and are affected by it are not adequately aware of its existence, and of their responsibilities.
Ignorance and uncertainty undermine security. If staff and management are unaware of their responsibilities, of the risks the organisation faces, and of how to react to incidents, then the probability that risks will materialise is significantly magnified. Furthermore, uncertainty is seriously disabling. Uncertain organisations become constrained in the opportunities they are willing to explore, because they do not understand either the nature of risk, or the actions that could be taken to mitigate their risk.
Staff should be considered an integral part of any security measures:
- They are generally the first to be impacted by potential security incidents.
- Their compliance makes or breaks the security programme.
- Their awareness helps to prevent incidents, and mitigates damage when incidents do occur.
Education and awareness are critical elements of any successful security programme. Without awareness, users cannot be responsible for compliance with policy. This will certainly have an adverse impact on the confidentiality, integrity and availability of your organisation’s information.
Get in touch with one of our security consultants today
- No obligation
- Expert advice
- Tailored solutions
“We have used commissum for several years and their work has always been professional and delivered to a high standard. We appreciate their ability to readily interpret project requirements and to make a valuable contribution even when a project's budget is tight. commissum are easy to deal with and have the flexibility to manage changing time scales and requirements.”
Mr Iain R, Account Director, International Business Systems & Managed Services Company
Fri 22 Nov, 2013 //
Tue 12 Nov, 2013 //
Fri 08 Nov, 2013 //