130 likes | 265 Views
3rd Information Security and Cyber Defence Conference Ms. Anett Mádi-Nátor National Security Authority of Hungary Head of Information Security Awareness “How information security awareness programs are able to change corporate mind-set – a case study”. 2013 Balatonőszöd.
E N D
3rd Information Security and Cyber Defence Conference Ms.AnettMádi-Nátor National Security Authority of Hungary Head of Information Security Awareness “How information security awareness programs are able to change corporate mind-set – a case study” 2013 Balatonőszöd
Multi-level awareness The case The study The evaluation The conclusion Table of contents Information security awareness – a case study
Priviledged users Normal users System administrators System developers Information security awareness trainers Multi-level awareness Information security awareness – a case study
A regionally significant service provider More than 6000 employees More than 43 million clients More than 65 million $ revenue Decision makers Users IT experts 1 month The case Information security awareness – a case study
Professional content of training – system hardening methods including UNIX, Windows, and network aspects Pre-session and post-session questionnaire for assessing the change of security awareness level Analysis of answers is based on statistical methods Measuring effectiveness of training itself The study Information security awareness – a case study
Willingness to participate in further information security awareness trainings
How safe the IT system of the company is considered by experts managing it
Would you introduce new/additional security measures to protect corporate business data?
Introducing new security measures to protect data on client phones
Commitment to professional trainings Company IT system is considered less secure than before A more structured view of security, relying on the IT Security Dept. A more concise view of system weaknesses A need for change regarding the IT security concept The evaluation Information security awareness – a case study
Focus of experts moves to company- and corporate-level security from securing end-user devices Growing demand for expert knowledge transfer Solution-driven information security approach in practice The conclusion Information security awareness – a case study
3rd Information Security and Cyber Defence Conference Thank you for your attention (and the fish) 2013 Balatonőszöd