When executives at organizations make decisions on information security, they often delegate it to members of the information technology staff (i.e., security is an IT issue, they should deal with it). However, technology alone cannot address all information security related issues. Many issues concerning information security are either management related or personnel related.
As organizations improve their technical security, a major gap can remain on the human side: that of helping an organization’s workforce to improve their security awareness and alertness via the delivery of Security Education Training and Awareness (SETA).
WE WRITE PAPERS FOR STUDENTS
Tell us about your assignment and we will find the best writer for your project.
Write My Essay For MeFor this Discussion, you will investigate several cases where an organization’s focus on technical controls has led to a security incident. You will analyze how organizations provide security training to their staff, you will evaluate how effective these training programs have been, and you will determine the ways organizations attempt to measure the impact of their training programs and what these organizations are doing to improve this training.
To Prepare:
4- to 6 – paragraphs post that includes the following:
A description of the cases you investigated involving a security incident, including an analysis of what nontechnical controls would have prevented or detected the incident in each case
Answers to the following questions:
How do organizations today deliver their Security Education Training and Awareness (SETA) messages to their staff?
How effective are these delivery methods? Explain.
How are organizations measuring this effectiveness, and what are they doing to improve the impact of their SETA campaigns
SAMPLE SOLUTION
When Technical Controls Fail: The Human Side of Information Security
Security Education Training and Awareness (SETA) is an education program designed by an organization to minimize the number of security breaches experienced due to lack of awareness among the employees. The awareness program plays a fundamental role in explaining the role and responsibilities expected from the employees in information security (Tonye, 2019). According to Abawajy (2014), using technical controls is not enough to keep the organization’s information system secure in…
Order Original and Plagiarism-free Papers Written from Scratch:
