If “insiders” are defined as the organization’s employees, a huge variety and number of people qualify as "outsiders".
This awareness module concerns the information-related threats from outside the organization – both threatening outsiders and external threats that don’t involve malicious people, or indeed people, at all.
The scope includes external events, incidents, accidents and challenges that aren't necessarily deliberate, targeted attacks by specific people or groups.
Introduce outsider and external threats, providing general context and background information;
Contrast outsider against insider threats;
Expand on the associated information risks and security controls, describing a structured and systematic process for identifying, evaluating and treating the risks;
Stimulate insiders to think - and most of all act - more securely, more cautiously in their dealings with outsiders.
Consider your organization’s learning objectives in relation to outsider threats. Are there specific concerns in this area, or just a general interest? Does the organization face particularly threatening adversaries and challenging situations? How about your 'trusted partners' and others: do they truly deserve your trust?
Outsider threats awareness
A package of security awareness and training materials concerning threats originating outside the organization- a wealth of creative materials designed to help you get the message across in an engaging way.
This information security awareness and training module directly complements the one on insider threats.