Essay on Security Awareness Communication Methods

Introduction

Setting a tone from the top is an effective way of communicating to employees regarding the security of an organization's systems. In this method, top leadership communicates to all and sundry in the organization and outside the organization on security matters. It places highest priority on protecting the security and privacy of customers, employees, and organizational data (Forbes Technology Council, 2017). This approach projects the CEO as a symbol of information security thereby acting as a constant reminder to employees about their responsibilities in safeguarding the organization's security systems.

Is your time best spent reading someone else’s essay? Get a 100% original essay FROM A CERTIFIED WRITER!

Save 25%

Making presentations is a valuable platform through which awareness about information security can reach employees and customers. Through this platform, individuals with expert knowledge about information systems make presentations to the workers on ways of overcoming systems security challenges (Tipton & Nozaki, 2016). It becomes necessary to make presentations because it helps to clarify some of the IT jargons that most non-IT persons do not understand.

Streaming of security information on TV monitors can also create awareness on information security.TV monitors can be used to display information about security threats and available security measures of countering them. These screens are put in strategic places where customers and employees frequent (Bayan, 2004). If well-implemented, it can help in creating awareness among clients and employees about information security.

Screensavers on computers can be an effective channel through which employees learn about systems security. These are visual reminders displayed on computer screens and seek to reinforce information security protection behaviours. This approach is often complemented with pop up adverts when one logs into the system. These reminders may contain new knowledge or old information (Bayan, 2004).

Brown-bag lunches can also be useful in communicating security awareness to employees. These are short, informal sessions where employees gather to discuss a given issue during working hours. This method can be appropriate in situations where awareness needs to be created immediately after a security breach has occurred. It seeks to avoid further risks after a security incident (Albrechtsen & Hovden, 2010; Bayan, 2004). It is a short-term measure meant to stabilize the situation as long-term solutions are pursued.

Company-wide circulation of emails has the potential of creating awareness about the security of an organization's information systems. This can be distributed in the form of a weekly newsletter that educates employees on new information on security threats. It can further be used to remind employees of their responsibilities in safeguarding organizational systems (Tipton & Nozaki, 2016). Emails reach a wide audience of employees and customers.

Sometimes email circulation can be a challenge to some employees especially if their schedules are tight. For this reason, it is crucial to prepare newsletters both in print and online and circulate them to the employees on a regular basis of say a month. Mostly, they contain information security trends and also outline the policy of the organization in matters related information systems security (Tipton & Nozaki, 2016; Bayan, 2004). This form of communication can also be used to share information security challenges with the customers and other stakeholders

Conclusion

To minimize cases where employees appear negligent of the company's security policy, it is vital that they sign policy documents to demonstrate their commitment to the security policy of the organization. Human beings are rebellious in nature. Therefore, it is beneficial to let everyone know the reason as to why a given security policy is in place through formal commitments. Sometimes, it is difficult for people to respect policies that they do not see in action. Because of this trait, these commitments need to be enforced to the letter (Ahlan, Lubis, & Lubis, 2015; Bayan, 2004). In other words, those individuals that fail to comply with the policy must be punished. If, for instance, the organization's policy states that an employee found downloading inappropriate material will be terminated, it is critical that termination is enforced when such incidents occur. Such action would send a clear message to other staff members that adherence to the information security policy is mandatory (Bayan, 2004). It is an emphatic way of communicating information security issues to the employees.

References

Ahlan, A. R., Lubis, M., & Lubis, A. R. (2015). Information Security Awareness at the Knowledge-Based Institution: Its Antecedents and Measures. Procedia Computer Science, 72, 361-373. doi:10.1016/j.procs.2015.12.151

Albrechtsen, E., & Hovden, J. (2010). Improving information security awareness and behaviour through dialogue, participation and collective reflection. An intervention study. Computers & Security, 29(4), 432-445. doi:10.1016/j.cose.2009.12.005

Bayan, R. (2004). Success strategies for security awareness. Retrieved from https://www.techrepublic.com/article/success-strategies-for-security-awareness/

Forbes Technology Council. (2017, December 5). Why cybersecurity teams need to build bridges. Forbes.

Tipton, H. F., & Nozaki, M. K. (2014). Information security management handbook: Volume 5 (6th ed.). Boca Raton: CRC Press.