headlines

ignorance and uncertainty undermine security

security awareness is a critical element in a successful security programme

staff are an integral part of any security measures:
scan and analysis of the firewall as it presents itself to the Internet

generally the first to be impacted by potential security incidents

their compliance makes or breaks the security program

their awareness helps to prevent incidents and mitigates damage when incidents do occur

the programme provided by commissum will ensure:

staff understand the importance of their part in ensuring sound security

staff are able to recognise security concerns and respond accordingly

staff recognise events that could indicate a security incident as reflex behaviour

the organisation feels confident to pursue opportunity, with risks understood and mitigation measures taken

issues

It is generally accepted that sound security is reliant upon a balance between the implementation of sound security policy, sensible application of security technology, and management of the overall security programme established. However, even the best security programme is undermined if those who operate it and are affected by it are not adequately aware of its existence, and their responsibilities.

Ignorance and uncertainty undermine security. If staff and management are unaware of their responsibilities, risks the organisation faces, and how to react to incidents, the impact of risks materialising is significantly magnified. Uncertainty too is disabling. Organisations, through their staff, become constrained in the opportunities they are willing to explore, because they do not understand the risks, and the actions that could be taken to mitigate the risks.

Awareness (making staff aware of what is expected of them) is a critical element of successful security. Without awareness, users cannot be responsible for compliance with policy; this will certainly adversely affect the confidentiality, integrity and availability of your organisation's information.

approach

The approach taken to delivering the service is to work closely with the client organisation in delivering a service appropriate to their specific requirements.

commissum will:

• understand business requirements, priorities and risks
• assess current level of awareness and implementation through review of policy and audit
• propose a strategic awareness programme
• propose a realistic action plan based on the strategy
• manage the implementation of the strategy
• measure and report on the success of the strategy

customer benefits

Risk disables - security enables. commissum can deliver an awareness improvement programme that creates an environment of confidence, ensuring the business operates without the constraints imposed by uncertainty over risk.

• staff understand the importance of their part in ensuring sound security
• staff are able to recognise security concerns and respond accordingly, feeling confident in taking both proactive and reactive action
• recognition of events that could indicate a security incident becomes reflex behaviour
• the organisation as a whole feels confident; pursuing opportunity in the knowledge that risks are understood and measures have been taken to mitigate these risks

The proven approach also realises additional benefits:

• cost effective - a consistent, coordinated approach across the corporation without duplication
• results effective - proven approach, from professionals with experience in both security and delivering training
• visibly effective - regular reports provide metrics against benchmarks to ensure improvement is measured and monitored

Note: You can download details of this service as a Adobe Acrobat PDF by clicking on the button above. If you do not already have Acrobat Reader, you can download it for free from the downloads page.