Security Awareness Ecosystem, and Culture

Question 1

What is cybersecurity awareness all about?

Answer 1

1. Recognising IT security concerns
2. Change user behaviour
3. User as first line of defense
4. Applicable to all users in the organisation

Question 2

What are the three critical elements to ensure sustained executive support for security awareness?

Answer 2

1. Vision
2. Metrics
3. Communicating business value

Question 3

What are the objectives for a security awareness program?

Answer 3

1. Educate
2. Change
3. Organisational learning

Question 4

What are the characteristics of a learning continuum layer?

Answer 4

1. Awareness
2. Training
3. Education

Question 5

What are the characteristics of understanding your environment in security awareness training?

Answer 5

1. Roles and responsibilities
2. Budget
3. Stakeholders
4. Culture
5. Policies
6. Business

Question 6

How to design a cyber security awareness program?

Answer 6

1. Identify Awareness Program
2. Conduct a Needs Assessment to determine the baseline
3. Determine sources and methods of a needs assessment
4. Develop awareness program materials
5. Identify best delivery method
6. Communicate
7. Metrics and monitoring
8. Regular audit

Question 7

How to implement a cybersecurity-first culture?

Answer 7

1. Implement security awareness training
2. Establish accountability
3. Embed it into the organisation’s core values

Question 8

What is a cyber ecosystem?

Answer 8

A variety of participants that interact with multiple purposes to help each other!

Question 9

What kind of Awareness Program Model exist?

Answer 9

1. Centralised Program Management Model
2. Partially Decentralized Program Management Model
3. Fully Decentralized Program Management Model