Information Security Awareness, Training and Motivation — Native Intelligence, Inc.

Are security awareness and privacy training mandatory for all industries?

Not yet.  In the United States, laws requiring security and privacy awareness training apply to:

  • The Federal Government (Federal Information System Security Managers' Act, or FISMA)
  • The health care industry (Health Insurance Portability and Accountability Act, or HIPAA)
  • Financial institutions (Gramm-Leach-Bliley Act [GLBA] and Sarbanes-Oxley Act, or SOX)
  • Publicly-traded companies (SOX)

In addition, as of January 2007, 37 US states and the District of Columbia have passed laws that require customer notification of breaches involving customers' personal information.

How Will An Awareness Program Protect Our Organization?

Awareness protects assets and prevents loss.An awareness program helps prevent loss. When people know what to look for and what to do, problems are noticed and acted on earlier.

To avoid or defend against charges of negligence after a data breach or other incident, organizations must:

  • Demonstrate due diligence in training everyone who interacts with or who can affect the organizations' information systems, networks, and sensitive information.
  • Document who has received security awareness and training
  • Record how each individual's understanding of the awareness and training content has been confirmed.

Awareness programs can accomplish these goals.

How Can Native Intelligence Help?

Native Intelligence has an eleven-year record of success in increasing workforce security awareness for our clients. We offer a full range of products and services, from posters and tip sheets to complete security awareness and motivational programs with performance metrics.

With good security behaviors habitual throughout an organization, the number and severity of security incidents decline along with the risk of lawsuits or legal action. In turn, productivity increases along with a public confidence in your organization's ability to protect sensitive customer and business data: safe harbors provide a natural competitive advantage.

Our awareness and training professionals can work with you to make your workforce security savvy.

More Information About Awareness Programs

Benefits of an Awareness Program

Why Awareness Is Important

Prevention Is Better Than Cure (a poem)

Security Awareness Program Metrics

Measure What Matters, Part 1
Measure What Matters, Part 2
Measure What Matters, Part 3
Measure What Matters, Part 4

Chapter on Awareness Programs

Cover of 4th edition of Computer Security Handbook

The 4th Edition of the Computer Security Handbook was published in April 2002. Chapter 29 deals with Security Awareness. Our founder and Chief Inspiration Officer (CIO) is the principal author of Chapter 29.

Chapter Authors:
K Rudolph, CISSP
Louis Numkin and Gale Warshawsky

Adobe PDF file

Download the chapter (69 KB)

The 5th edition (with an updated chapter) will be published in 2007.