Information Security AwarenessTips to Improve Infosec Awareness in Any Organization

Information security is one of the hot topics in the corporate world, and for a good reason.

The impact of a information security breach can have catastrophic impacts on organizations, with the average cost of data security breaches costing companies$4 million on average. (IBM, 2016)

Information security management can be a huge job for security and compliance officers to manage on their own.

Improving information security awareness across your organization could help significantly reduce the number of breaches and unintentional disclosure of secure information.

The more employees are aware of their role in identifying and preventing attacks, the more difficult it is for cyber criminals to penetrate your infrastructure.

1.Create a Campaign

Think like a marketer. Plan your campaign to include a series of messages that build momentum, and/or get repeated over time. Also consider repurposing these messages into different formats (for example, recreate a security process list into a highly visual 1-2-3 step infographic) to suit all learning styles.

Tips to improve infosec awareness in your organization

• Identify which messages you are going to communicate• Decide when you are going to send your messages• Use a variety of channels and formats to engage staff• Repeat your messages through different channels to ensure

visibility• Measure your results and update accordingly

How to create a campaign for your communications:

2. Decide on your key messages

• What are the biggest threats in your organization?• Are there any areas of weakness you need to address?• Do different departments have different risks or topics to address?

3. Target your messages

Target your messages for different departments. Each department has unique risks related to the information they deal with.Think what risks are more apparent for your accounts team compared to sales.

Staff that deal with customer information need to be trained on the steps to take to ensure they can keep that information secure.

4. Use multiple methods

Decide on a few communication methods e.g. print posters, company wide desktop screensavers, emails, training sessions, quizzes, or videos.

Screensavers are visually engaging and are an effective way to remind staff to take action

5. Make it interesting

Create eye-catching ways of communicating your messages e.g. cartoon characters, well-known internet characters, interesting examples of big security breaches, random phishing tests, interesting facts about the impacts of security breaches.

Interesting facts help communicate points and will stick in employees’ minds

6. Measure your impactTo ensure you are getting the most out of your campaign, measurement is essential. You should measure:- Reduction in breaches- Increased staff awareness – by quizzing staff - Readership of communications – some internal comms software

(including SnapComms) has this functionality- Survey staff to see which messages they engaged best with

Information Security:as easy as ABC

ALWAYSBECAREFUL

Simple slogans can help make your lessons memorable to staff members.

To learn more about how SnapComms can help improve infosec awareness, visit our website:

SnapComms.com/solutions/employee-security-awareness

SnapComms is a global leader in internal communications software, serving 1 million users in many of the world’s largest organizations across 45+ countries including several fortune 500 companies.