Advanced Persistent Training: Take Your Security Awareness Program to the Next Level

Gain greater compliance with corporate training by addressing the heart of the very awareness vs. compliance problem: people are human. People have incredible strengths and incredible weaknesses, and as a Information Security professional, you need to recognize and devise training strategies that take advantage of both. This concise book introduces two such strategies, which combined, can take a security awareness program to the next level of effectiveness, retention, compliance, and maturity.

Security policies and procedures are often times inconvenient, technically complex, and hard to understand. Advanced Persistent Training provides numerous tips from a wide range of disciplines to handle these especially difficult situations.

Many information security professionals are required by regulation or policy to provide security awareness training within the companies they work for, but many believe that the resulting low compliance with training does not outweigh the costs of delivering that training. There are also many who believe that this training is crucial, if only it could be more effective.

What you will learn

• Present awareness materials all year-round in a way that people will really listen.
• Implement a “behavior-first” approach to teaching security awareness.
• Adopt to gamification the right way, even for people who hate games.
• Use tips from security awareness leaders addressing the same problems you face.

Who is this book for

Security awareness professionals or IT Security professionals who are tasked with teaching security awareness within their organization.

Table of Contents

Chapter 1: Challenges Faced by Organizations
Chapter 2: Active Feedback
Chapter 3: Behavioral Modification
Chapter 4: Persistent Training
Chapter 5: Metrics and Measures
Chapter 6: Pro Tips
Chapter 7: Security Culture
Chapter 8: Take Your Program to the Next Level
Appendix A: Lessons from the Masters