A common challenge many organizations face is getting management approval and/or funding for their awareness program. This section contains resources to help justify and get support for your own awareness program. These resources are developed for the community and unless otherwise stated are distributed under the Creative Commons BY-NC-SA 4.0 license. Please send any questions or any feedback on how to improve these resources to firstname.lastname@example.org.
2015 Security Awareness Report
This report details the findings from the Security Awareness Survey taken in October, 2014 by 220 security awareness officers. This report will help you gain the management support and resources you need to be successful, and enable you to benchmark your program against other organizations in your industry.
This presentation template can be used to present to your senior management to explain the value of your proposed security awareness program; giving you the support, budget and resources you need to make your awareness program happen.
Human Risk Survey
Take a survey of your employees and learn just how little they know about security in your organization. Do they know you have a security team, do they know your policies, what percentage of your employees share their passwords?
Your organization may be required to protect certain types of data (card holder, PHI, PII, PNI, etc). Here are several sites where you can search records of publicly known data breaches.
There are a variety of regulations and standards that require security awareness training. Download our Security Awareness Compliance Requirements document that lists the most common legislation or standards that require security awareness training. In addition you will find the specific sections that state the requirement and links for more information.