Published on June 21, 2010 by Karen Letain in Other, Planning
Below is the promised Part 2 of the list of free resources. If you need to “freshen” up your existing training or are looking for potentially new ideas for security awareness, some of these links may be helpful. If you have any more you would like to share, we would love to hear about them.
http://csrc.nist.gov/publications/nistpubs/800-16/800-16.pdf - NIST - Information Security Requirements
http://www.iwar.org.uk/comsec/resources/sa-tools/ - Information Warfare Site Resources
http://www.articulate.com/rapid-elearning/9-free-tools-that-help-me-build-better-e-learning/ - great e-learning tools!
http://moodle.org- open source CMS/LMS - if there is anyone out there who still has not discovered this one!
http://elearningtech.blogspot.com/2009/12/elearning-templates-20-resources.html - free elearning templates
http://www.learningsolutionsmag.com - great online magazine with excellent articles and insight
http://www.csoonline.com/article/493941/seven-practical-ideas-for-security-awareness
http://www.csoonline.com/article/221058/ideas-from-security-awareness-survey-respondents - 2006 article which is a bit dated but the ideas still apply today
http://www.gideonrasmussen.com/sectips-full.html - 24 security awareness tips by Gideon T. Rasmussen
Published on June 08, 2010 by Karen Letain in News
When you get it wrong, the signs are painfully clear, but the reasons may not always be obvious. Making that all-important connection with your learners does not happen by accident. When you are putting together a security awareness training solution you need to make it not only interesting but RELEVANT.
If the learner already has knowledge on security topics/issues, why do they then need additional training on the areas they already understand? The mistake often made is that content is developed from the assumption that the learner knows very little and therefore needs to drink from the proverbial "fire hose". This does not have to be the case. Constructing a well thought out quiz delivered prior to content or training to be developed or delivered can eliminate repetitive, boring content that has already been adopted by the learner. A quiz can act as a baseline, identifying gaps in the overall knowledge of the learners. Focus can then be spent on either developing content in the areas of weakness or looking for supplemental online content or reinforcement tools to address the gap. The quiz can then be run again after the training to determine whether or not the learning content was absorbed.
