About your audiences
It makes little sense to blast out awareness and training content without first understanding your audiences, their perspectives and their information needs. To that end, SecAware materials are designed to appeal to the following three corporate audiences:
1. Employees in general (staff)
Persuading employees to participate willingly in your information risk, security, privacy and compliance activities takes more than just policies and management edicts. Workers need to understand what is expected of them, and be sufficiently motivated to act accordingly. Top quality, professionally designed security awareness and training materials are key. For the general audience, the awareness and training materials take the individual's perspective, addressing their self-interests, their families and personal lives, as much as their working roles.
Management sets the tone for your organization. Without management’s understanding and support, information security is doomed to failure. Getting senior and general management on-board with information security is the quickest and most powerful - if not the only - way to influence your corporate culture. Security awareness and training for the management audience revolves around the business perspective: how does information security support and enable the business? What is its commercial value? What are the compliance imperatives, the strategic and policy options? There are governance as well as risk and security management aspects here.
Various experts are typically involved in designing, implementing, operating and managing the organization's information risks and the security arrangements. Despite their specialist knowledge in areas such as IT, risk management, HR, physical security and compliance, information security can present unique challenges. SecAware helps them understand the issues and options, get to grips with the technology, and get things on-track. Think about it: would you let an untrained mechanic work on your car brakes?
All three audiences are addressed in every SecAware module, covering the same information security topic from their distinct perspectives. We plant the seeds, leading the audiences to consider and discuss information security, exploring their common interests and (in some cases) points of difference. Overall, SecAware, in conjunction with you and your employees, brings the security awareness and training content to life, lifting it off the page or screen. Gradually those seeds germinate, security becoming simply 'what we do around here', an integral and vital part of the corporate culture.