Common knowledge in the IT Security community is that People are one of the weakest links in your attempts to secure systems and protect assets. If adequate security is to be implemented and maintained, more focused attention must be paid to managing the “people factor.”
A robust awareness and training program can help to ensure that your people understand their security responsibilities, your security policies, and the proper use and protection of the assets entrusted to them.
In this article is a list of videos that I recorded from the information in NIST SP 800-50, Building an IT Security and Awareness and Training Program. This detailed guidance from the National Institute of Standards and Technology (NIST) outlines the steps needed to establish an IT Security Awareness and Training program in your organization.
The 5 videos in this series follow the 800-50 publication closely and are available via links in this article or as a playlist on my YouTube channel.
Watch the other videos in this series:
- Part 1: Building an IT Security Awareness and Training Program
- Part 2: Designing an IT Security Awareness and Training Program
- Part 3: Developing IT Security Awareness and Training Material
- Part 4 : Implementing an IT Security Awareness and Training Program
- Part 5: Post-Implementation – Monitoring, Measuring, and Maintaining an IT Security Awareness and Training Program