Make security a priority on your team 

Every organization needs a strong security program. One recent study estimated that a hacker attack occurs somewhere every 37 seconds. Since security programs are only as effective as a team’s willingness to follow their rules and protocols, it’s increasingly necessary to have not just a widely accessible gold standard of security, but also a practical plan for rolling it out and getting others on board with following it. Security Awareness For Dummies gives you the blueprint for implementing this sort of holistic and hyper-secure program in your organization. 

Written by one of the world’s most influential security professionals—and an Information Systems Security Association Hall of Famer—this pragmatic and easy-to-follow book provides a framework for creating new and highly effective awareness programs from scratch, as well as steps to take to improve on existing ones. It also covers how to measure and evaluate the success of your program and highlight its value to management.  

• Customize and create your own program 
• Make employees aware of the importance of security 
• Develop metrics for success 
• Follow industry-specific sample programs 

Cyberattacks aren’t going away anytime soon: get this smart, friendly guide on how to get a workgroup on board with their role in security and save your organization big money in the long run.  

Table of Contents

Part 1: Getting to Know Security Awareness

CHAPTER 1: Knowing How Security Awareness Programs Work

CHAPTER 2: Starting On the Right Foot: Avoiding What Doesn’t Work

CHAPTER 3: Applying the Science Behind Human Behavior and Risk Management

Part 2: Building a Security Awareness Program

CHAPTER 4: Creating a Security Awareness Strategy

CHAPTER 5: Determining Culture and Business Drivers

CHAPTER 6: Choosing What to Tell The Users

CHAPTER 7: Choosing the Best Tools for the Job

CHAPTER 8: Measuring Performance

Part 3: Putting Your Security Awareness

Program Into Action

CHAPTER 9: Assembling Your Security Awareness Program

CHAPTER 10: Running Your Security Awareness Program

CHAPTER 11: Implementing Gamification

CHAPTER 12: Running Phishing Simulation Campaigns

Part 4: The Part of Tens

CHAPTER 13: Ten Ways to Win Support for Your Awareness Program

CHAPTER 14: Ten Ways to Make Friends and Influence People

CHAPTER 15: Ten Fundamental Awareness Topics

CHAPTER 16: Ten Helpful Security Awareness Resources

Appendix: Sample Questionnaire

About the Author

Ira Winkler, CISSP is President of Secure Mentem and author of Advanced Persistent Security and the forthcoming You Can Stop Stupid. He is considered one of the world’s most influential security professionals, and has been named a “Modern Day James Bond” by the media. He did this by performing espionage simulations, where he physically and technically “broke into” some of the largest companies in the World and investigating crimes against them, and telling them how to cost effectively protect their information and computer infrastructure. He continues to perform these espionage simulations, as well as assisting organizations in developing cost effective security programs. Ira also won the Hall of Fame award from the Information Systems Security Association, as well as several other prestigious industry awards. Most recently, CSO Magazine named Ira a CSO Compass Award winner as The Awareness Crusader.