Your All-in-One AI-Powered Toolkit for Academic Success.

+13062052269

info@desklib.com

Available 24*7 on WhatsApp / Email

Company

Tools

Support

Information Security Awareness Training | PPT

Verified

Added on 2022/08/28

AI Summary

Contribute Materials

Your contribution can guide someone’s learning journey. Share your documents today.

Information security
awareness training
Be on the look out!

Secure Best Marks with AI Grader

Need help grading? Try our AI Grader for instant feedback on your assignments.

💎 Get Pro

AGEND
A Introduction
NIST model
Causes of information insecurity
Policies
Roles and Responsibilities
The main agenda
for the training
include;

INTRODUCTION
• What is information security?
• The practice of preventing unauthorized use,
disruption, unauthorized access, modification,
inspection, destruction or even unauthorized
recording of information("What is Information
Security?," 2018).

INTRODUCTION CONT.’
• Information can be physical or electronic.
• Objectives of Information security program are;
• Integrity
• Confidentiality
• availability

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser

💎 Try AI Paraphraser

NIST MODEL
• NIST special publication 800-50 is chosen model in ADVANCED
TOPOLOGIES INC.(ATI).
• Why this model for ATI?
• It offers guidance in development of effective information
technology security programs
• Supports federal information security management act of 2002
requirements(Pradigdya & Ginardi, 2019,)

System set up may not be the
weakness. What are the involved
parties likely causes of insecurities?

Employees inaction
Leaving sensitive information on desks.
Failing to log out from emails in open office computers
Failing to recorded and notify company’s IT any suspicious activities in
the system.

Secure Best Marks with AI Grader

Need help grading? Try our AI Grader for instant feedback on your assignments.

💎 Get Pro

Employees action
Clicking on strange emails that may come with malware
Retrieving delicate information to irrelevant users
Setting obvious passwords which can easily be intruded
Sharing excess information when social networking
Leaving browsers remembering passwords on public computers

policies
Policy is how ATI manage and use network and information.
Clean desk policy
Bring your own device policy
Data management policy
Removable media
Social networking

Clean desk policy
Clearing off the desk print outs, sticky notes that contain delicate
information.
This prevents unauthorized party from viewing them(Bada, Sasse
& Nurse, 2019).
Only papers kept are associated with present project being worked
on by users.
According to grants(2017), sensitive information must be gotten rid
off at end of each day.

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser

💎 Try AI Paraphraser

BRING YOUR OWN DEVICE POLICY
This covers all personal computing devices of the employees that can
be utilized in work setting.
ATI has created a list of acceptable devices and the rest banned.
All devices under BYOD must be verified by the security staff.
Applications run in these devices are also limited.

Data management policy
• According to Eyadat (2018), employees do not realize importance of
classified data.
• Hence need to provide knowledge regarding all kinds of data.
• This allows everyone to comprehend the business critically.
• Everyone should strive to know basic information regarding data
management

Removable media
• This includes devices that transfer data in and out of computers.
• Concerns introduction of security threats to confidential data of the
company.
• Threats that may be brought about are hardware failure, malware
infection and copy right infringement (McCormac et al., 2017,)
• prohibit unwanted media and prohibit accessing abandoned media
like external hard drives.

Secure Best Marks with AI Grader

Need help grading? Try our AI Grader for instant feedback on your assignments.

💎 Get Pro

Social networking
• Social networking is widely used currently.
• Phishing is a common attack that can be a disaster.
• ATI hence sensitizes and restricts using of company devices for social
networking.
• According to ghavani & shukur (2017) employees should always get a
guide on dangers of phishing attacks hence a responsibility to the
managers.

ROLES AND RESPONSIBILITIES
• Security is everyone's role.
AGENCY HEADS;
guarantees efficient security awareness so as training for
workforce(al-daeef, basir & saudi, 2017).
Labels any CIO.
allocate accountability for its security IT.
Apply and guarantee agency security program budget and
resources.

ROLES AND RESPONSIBILITIES
CHIEF INFORMATION OFFICERS(CIO);
Train agency staff for important roles
Monitor staffs important duties.
administering training as well as monitor staffs with important duties
MANAGERS;
• Obeying with IT security awareness as well as training requirement
implemented for users.
• Liaising with CIO to encourage professional development and
certification of staff of it.
• Guarantee that all users of respective systems are properly trained.

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser

💎 Try AI Paraphraser

Conclusions
• As per the policies all employee are required to realize
security starts with them.
• Always ensure both electronic and physical information are
secure.
• Take action as per requirement to ensure ATI is safe.

Recommendations
• ATI to always keep monitoring employees activities through
programs
• Setting aside devices for social networking
• Discourage employees from BYOD on company network
• Minimize use of sticky notes and printouts by employees.

references
• McCormac, A., Zwaans, T., Parsons, K., Calic, D., Butavicius, M., & Pattinson, M.
(2017). Individual differences and Information Security Awareness. Computers in
Human Behavior, 69, 151-156.
• What is Information Security? (2018, June 19). Retrieved from
https://www.geeksforgeeks.org/what-is-information-security/
• Pradigdya, C. A., & Ginardi, R. V. (2019). User Awareness Design for Electronic
Money User Using Protection Motivation Theory and NIST 800-50 Framework.
IPTEK Journal of Proceedings Series, 0(5), 416.
• Tasevski, P. (2016). IT and Cyber Security Awareness – Raising Campaigns.
Information & Security: An International Journal,
• Eyadat, M. S. (2018). Information Security: Awareness and Training Program in
the Middle East Universities. Asian Journal of Computer and Information Systems

Secure Best Marks with AI Grader

Need help grading? Try our AI Grader for instant feedback on your assignments.

💎 Get Pro

Reference Continued
• Grant, R. L. (2017). Exploring Effects of Organizational Culture upon
Implementation of Information Security Awareness and Training Programs
within the Defence Industry Located in the Tennessee Valley Region (Doctoral
dissertation).
• Bada, M., Sasse, A. M., & Nurse, J. R. (2019). Cyber security awareness
campaigns: Why do they fail to change behaviour?.
• Al-Daeef, M. M., Basir, N., & Saudi, M. M. (2017, July). Security awareness
training: A review. In Proceedings of the World Congress on Engineering.
• Ghazvini, A., & Shukur, Z. (2017, November). Review of information
security guidelines for awareness training program in healthcare industry. In
2017 6th International Conference on Electrical Engineering and Informatics
(ICEEI) (pp. 1-6). IEEE.

1 out of 20

+13062052269

info@desklib.com

Information Security Awareness Training | PPT

Contribute Materials

Secure Best Marks with AI Grader

Paraphrase This Document

Secure Best Marks with AI Grader

Paraphrase This Document

Secure Best Marks with AI Grader

Paraphrase This Document

Secure Best Marks with AI Grader

Related Documents

The email Advisory | Information Security Training

Information security training | Essay

Preventive Mechanisms Against DoS Attacks

Cybercrime: Types of Scams, Laws, and Penalties

Information Security | Task Report

Information Security Threats and Risk Assessment