'Awareness is only the first step'

Created:  15 Jan 2016
Updated:  25 Feb 2016
New white paper from RISCS, HPE and CESG (now part of the NCSC) urges organisations to engage employees in order to improve cyber security.

The Research Institute in Science of Cyber Security (RISCS), Hewlett Packard Enterprise (HPE) and CESG -  now part of the NCSC -  have published a white paper encouraging organisations to engage employees in order to improve cyber security.

The white paper  'Awareness is only the first step'  outlines a set of steps that will help organisations deliver effective security communciation and training (CET). The paper aims to "set out a framework for security awareness that employees will actually engage with, and empower them to become the strongest link - rather than a vulnerability - in defending the organization.

"The secret is engaging your people in the right way, so they can convert learning into tangible action and new behavior. Security CET needs to be properly resourced and regularly reviewed and updated to achieve lasting behavior change".


Progressive Engagement


The paper also suggests a framework for progressive engagement (shown above) that act as a lifecycle for awareness activities that  should be implemented and revisited.

The full white paper can be downloaded in full from the RISCS website.







Was this news helpful?

We need your feedback to improve this content.

Yes No