Build a Security Awareness and Training Program

If it’s not human-centric, you’re not training your humans.

Onsite Workshop

Implementing a security awareness and training program without focusing on your end users leads to:

  • Training material not being absorbed due to training fatigue.
  • A negative attitude towards security born from irrelevant content.
  • An increased risk of social engineering attacks being successful.

Making your security awareness and training program human-centric leads to:

  • An increased knowledge level in security across all trained end users.
  • End users being an active defense against social engineering attacks.
  • The development of a strong security culture within the organization.

Module 1: Assess the Maturity Level of the Current Security Culture

The Purpose

  • Identify the maturity level of the existing security awareness and training program and set future target states.
  • Determine the unique audience groups within your organization and evaluate their risks and vulnerabilities.
  • Prioritize training topics and audience groups to effectively streamline program development.

Key Benefits Achieved

  • Identified the gaps between the current maturity level of the security awareness and training program and future target states.
  • Created a comprehensive list of unique audience groups and the corresponding security training that each group should receive.
  • Determined priority ratings for both audience groups and the security topics to be delivered.

Activities: Outputs:
1.1 Select your executive champion.
  • Executive champion support
1.2 Evaluate your end users’ current knowledge.
  • Knowledge of end users’ current knowledge level
1.3 Assess the maturity of your current awareness and training program.
  • Maturity score of current training program
1.4 Identify your user groups and their corresponding topics.
  • Chart of audience groups and the security topics that each needs to receive
1.5 Analyze your organization’s current IT environment and set a target state.
  • List of risks and vulnerabilities for each audience group
1.6 Set a minimum security awareness level and prioritize your topics.
  • List of prioritized training topics

Module 2: Plan the Training Delivery

The Purpose

  • Identify all feasible delivery channels for security training within your organization.
  • Establish program milestones and outline key initiatives for program development.
  • Create an ongoing training schedule.

Key Benefits Achieved

  • Outlined a detailed plan for program development, including a timeline for planned initiatives and initiative ownership assignment.
  • Created a schedule for training deployment.

Activities: Outputs:
2.1 Refine your approach to training.
2.2 Identify available delivery methods.
  • A list of delivery methods to use for training deployment
2.3 Build an implementation timeline and training schedule.
  • A schedule for completing program initiatives and a schedule for delivering training sessions to the organization
2.4 Create customized training materials.
  • Customized training materials

Module 3: Outline the Plan for Long-Term Program Improvement

The Purpose

  • Define the end users’ responsibilities towards security within the organization.
  • Document results gathered from previous workshop modules.
  • Create a plan for deploying a pilot program to gather valuable feedback.

Key Benefits Achieved

  • Defined role of end users in helping protect the organization against security threats.
  • Finalized security awareness and training program manuals.
  • Created a plan to deploy a pilot program.

Activities: Outputs:
3.1 Create accountability for your end users.
  • A customized definition of end-user responsibility towards security within your organization
3.2 Document and evaluate your training program.
  • A training manual containing all information regarding your training program
3.3 Design a pilot program.
  • A plan for deploying a pilot program capable of harvesting valuable feedback for improving your program

Workshop icon Book Your Workshop

Onsite Workshops offer an easy way to accelerate your project. If you are unable to do the project yourself, and a Guided Implementation isn’t enough, we offer low-cost onsite delivery of our Project Workshops. We take you through every phase of your project and ensure that you have a road map in place to complete your project successfully.

Book a Workshop View Blueprint
GET HELP Contact Us
×
VL Methodology