Latest News

Safelight Develops Blueprint to Align Security Education with Organizational Risk

PROVIDENCE, R.I. Feb. 8, 2011 Safelight Security Education Blueprint

Rob Cheyne

Safelight’s Security Education Blueprint offers a practical, structured approach to beginning or growing a security education program. At the center of the blueprint is a set of self-assessment questions that measure the people aspect of an organization’s information risk. After responding to the questions, a user receives a custom blueprint for building an education program that matches the organization’s risk profile.

Safelight’s Security Education Blueprint considers five functional groups of employees — general staff, development staff, IT and operations staff, executives and management, and security staff –and defines three program maturity levels for each group. Beyond categorizing staff by their function, the Blueprint acknowledges a more nuanced reality: the behavior of people in the same functional group often represents different levels of risk. Thus, the Blueprint makes specific recommendations for low, moderate and high-risk employees within each staff group.

custom Blueprint level

"The Blueprint originated from our work with clients and our fundamental belief that organizations should train and equip every employee to protect information," said Cheyne.  "As with any information security initiative, education programs should be risk-based. A successful program, one that sustainably shifts the way employees think about the value of information and their role in protecting it, is built with a clear understanding of how employees interact with information in their everyday work."

RSA Conference 2011 San Francisco, Calif. February 14-18, 2011

March 31

About Safelight

SOURCE Safelight

Leave a comment

seks shop - izolasyon
basic theory test book basic theory test