Security Awareness Design in the New Normal Age

People working in our cyber world have access to a wide range of information, including sensitive personal or corporate information, which increases the risk to it. One aspect of protecting this data is training the user to behave more securely. This means that every person who handles sensitive information, their own or that of other people, must be aware of the risks that their use can pose as well as how to do their job in such a way as to reduce that risk.

The approach we use for that is called ‘Security awareness’ but would be more accurately described as security ‘un-awareness’, because most of the problems arise where the user doesn’t know about a risk from their behaviour, or its potential impact. In these post-COVID days of ‘New Normal’ working, in which staff spend more of their time working at home, organisations are still responsible for the protection of sensitive personal and corporate data. This means that it is more important than ever to create an effective security awareness communication process.

This book will primarily consider the problem of hitting that ‘Sweet Spot’ in the age of ‘New Normal’ working, which means that the knowledge about secure practice is not only understood and remembered, but also reliably put into practice – even when a person is working alone. This will be informed by academic research as well as experience, both my own and learnt from my fellow professionals, and then will be used to demonstrate how ‘New Normal’ working can improve security awareness as well as challenge it.

Author(s): Wendy F. Goucher
Publisher: CRC Press
Year: 2022

Language: English
Pages: 137
City: Boca Raton

Cover
Half Title
Title
Copyright
Contents
Acknowledgement
Introduction
Common Sense . . . Isn’t
Chapter 1 What Is Security Awareness and Why Should You Care?
Introduction
Practicality
Example
Insecurity Awareness
Human Insecurity Awareness and the Media
In Plain Sight
Governance and Compliance
You and Your Staff Are the ‘Weakest Links’
Chapter 2 Security Awareness and Protecting Information Through History
Introduction
Obfuscation
Separation and Access Control
Social Engineering
The Door Chain
The Confidence Trickster
Example One – Kitchen Composter
Example Two – Grooming
Situational Awareness
Cognitive Bandwidth
Chapter 3 The Challenges of Communicating About Security Awareness
Introduction
Resistance
Reluctance
Relevance
Revision
Chapter 4 Taking on an Invisible Threat
An Exercise in Understanding and Defending Against Data Leakage
Introduction
Raising Awareness Around Visual Data Loss
Sharing Data
Sensitive Information
A Security Awareness Lesson
Resisting an Invisible Threat
Chapter 5 Turning ‘Behavioural Intent’ Into Habitual Behaviour
Introduction
The End Users’ Perspective
The Gulf of Execution
Making It Matter
Chapter 6 The Challenges of the COVID Years and the ‘New Normal’
Managing Your Staff
Introduction
The Video Challenges
Taking Virtual Control
Living at Work
The Business Laptop
The Management Boundary
The Commute Opportunity and Threat
Summary
Chapter 7 Security Awareness Programs and Mental Health in the ‘New Normal Age’
Introduction
BC: Before COVID
The Mechanical View of Workplace Stress
Normalising Mental Health
Work-Based Stress
Norms
Return to Work
Security Versus Mental Well-being Opportunity Cost
Chapter 8 Looking Back at the Start of ‘New Normal’ Working: A Case Study
Introduction
Chapter 9 Carrying Forward the Loot From the Hard-Fought Battle
Chapter 10 “They Think It’s All Over . . .”
Introduction
When Will It Stop?
Index