Security awareness for dummies / (Record no. 90201)

000 -LEADER
fixed length control field 07620nam a2200325Ii 4500
005 - DATE AND TIME OF LATEST TRANSACTION
control field 20250709140139.0
008 - FIXED-LENGTH DATA ELEMENTS--GENERAL INFORMATION
fixed length control field 250423b ||||| |||| 00| 0 eng d
020 ## - INTERNATIONAL STANDARD BOOK NUMBER
International Standard Book Number 9781119720928
035 ## - SYSTEM CONTROL NUMBER
System control number (OCoLC)1313804671
041 ## - LANGUAGE CODE
Language code of text/sound track or separate title eng
050 #4 - LIBRARY OF CONGRESS CALL NUMBER
Classification number HD30.38
082 04 - DEWEY DECIMAL CLASSIFICATION NUMBER
Classification number 658.4/78
Edition number 23/eng/20220503
100 1# - MAIN ENTRY--PERSONAL NAME
Preferred name for the person Winkler, Ira,
Relator term author
245 10 - TITLE STATEMENT
Title Security awareness for dummies /
Statement of responsibility, etc by Ira Winkler.
264 #1 - PUBLICATION, DISTRIBUTION, ETC. (IMPRINT)
Place of publication, distribution, etc Hoboken, NJ :
Name of publisher, distributor, etc John Wiley & Sons, Inc.,
Date of publication, distribution, etc [2022]
264 #4 - PUBLICATION, DISTRIBUTION, ETC. (IMPRINT)
Date of publication, distribution, etc ©2022.
300 ## - PHYSICAL DESCRIPTION
Extent xi, 288 pages:
Other physical details illustrations;
Dimensions 24 cm
336 ## - CONTENT TYPE
Content type term text
Content type code txt
Source rdacontent.
337 ## - MEDIA TYPE
Media type term unmediated
Media type code n
Source rdamedia.
338 ## - CARRIER TYPE
Carrier type term volume
Carrier type code nc
Source rdacarrier.
490 1# - SERIES STATEMENT
Series statement For dummies.
500 ## - GENERAL NOTE
General note Includes index.
505 0# - CONTENTS
Formatted contents note Introduction
About This Book
Foolish Assumptions
Icons Used in This Book
Beyond the Book
Where to Go from Here
Part 1: Getting to Know Security Awareness
Chapter 1: Knowing How Security Awareness Programs Work
Understanding the Benefits of Security Awareness
Knowing How Security Awareness Programs Work
Recognizing the Role of Awareness within a Security Program
Disputing the Myth of the Human Firewall
Chapter 2: Starting On the Right Foot: Avoiding What Doesn’t Work
Making a Case Beyond Compliance Standards
Treating Compliance as a Must
Limiting the Popular Awareness Theories
Distinguishing Social Engineering from Security Awareness
Addressing Mental Models That Don’t Work
Making Perfection the Stated Goal
Measuring from the Start
Prioritizing Program Over Product
Choosing Substance Over Style
Understanding the Role of Security Awareness
Chapter 3: Applying the Science Behind Human Behavior and Risk Management
Achieving Common Sense through Common Knowledge
Borrowing Ideas from Safety Science
Applying Accounting Practices to Security Awareness
Applying the ABCs of Awareness
Benefiting from Group Psychology
Remembering That It’s All About Risk
Part 2: Building a Security Awareness Program
Chapter 4: Creating a Security Awareness Strategy
Identifying the Components of an Awareness Program
Figuring Out How to Pay for It All
Chapter 5: Determining Culture and Business Drivers
Understanding Your Organization’s Culture
Identifying Subcultures
Interviewing Stakeholders
Partnering with Other Departments
Chapter 6: Choosing What to Tell The Users
Basing Topics on Business Drivers
Incorporating Personal Awareness Topics
Motivating Users to Do Things “Right”
Common Topics Covered in Security Awareness Programs
Chapter 7: Choosing the Best Tools for the Job
Identifying Security Ambassadors
Knowing the Two Types of Communications Tools
Exploring Your Communications Arsenal
Chapter 8: Measuring Performance
Knowing the Hidden Cost of Awareness Efforts
Meeting Compliance Requirements
Collecting Engagement Metrics
Measuring Improved Behavior
Demonstrating a Tangible Return on Investment
Recognizing Intangible Benefits of Security Awareness
Knowing Where You Started: Day 0 Metrics
Part 3: Putting Your Security Awareness Program Into Action
Chapter 9: Assembling Your Security Awareness Program
Knowing Your Budget
Choosing to Implement One Program or Multiple Programs
Gaining Support from Management
Devising a Quarterly Delivery Strategy
Deciding Whether to Include Phishing Simulations
Planning Which Metrics to Collect and When
Branding Your Security Awareness Program
Chapter 10: Running Your Security Awareness Program
Nailing the Logistics
Getting All Required Approvals
Getting the Most from Day 0 Metrics
Creating Meaningful Reports
Reevaluating Your Program
Redesigning Your Program
Considering Breaking News and Incidents
Chapter 11: Implementing Gamification
Understanding Gamification
Identifying the Four Attributes of Gamification
Figuring Out Where to Gamify Awareness
Examining Some Tactical Gamification Examples
Putting Together a Gamification Program
Promoting the Program
Chapter 12: Running Phishing Simulation Campaigns
Knowing Why Phishing Simulations Matter
Setting Goals for Your Phishing Program
Planning a Phishing Program
Choosing a Phishing Tool
Implementing a Phishing Simulation Program
Running a Phishing Simulation
Tracking Metrics and Identifying Trends
Dealing with Repeat Offenders
Management Reporting
Part 4: The Part of Tens
Chapter 13: Ten Ways to Win Support for Your Awareness Program
Finding Yourself a Champion
Setting the Right Expectations
Addressing Business Concerns
Creating an Executive Program
Starting Small and Simple
Finding a Problem to Solve
Establishing Credibility
Highlighting Actual Incidents
Being Responsive
Looking for Similar Programs
Chapter 14: Ten Ways to Make Friends and Influence People
Garnering Active Executive Support
Courting the Organization’s Influencers
Supporting Another Project That Has Support
Choosing Topics Important to Individuals
Having Some Fun Events
Don’t Promise Perfection
Don’t Overdo the FUD Factor
Scoring an Early Win
Using Real Gamification
Integrating the Organization’s Mission Statement
Chapter 15: Ten Fundamental Awareness Topics
Phishing
Business Email Compromise
Mobile Device Security
Home Network and Computer Security
Password Security
Social Media Security
Physical Security
Malware and Ransomware
Social Engineering
It Can Happen to You
Chapter 16: Ten Helpful Security Awareness Resources
Security Awareness Special Interest Group
CybSafe Research Library
Cybersecurity Culture Guidelines
RSA Conference Library
You Can Stop Stupid
The Work of Sydney Dekker
Human Factors Knowledge Area
People-Centric Security
Human Security Engineering Consortium
How to Run a Security Awareness Program Course
Appendix: Sample Questionnaire
Questions for the CISO or Similar Position
Questions for All Employees
Questions for the HR Department
Questions for the Legal Department
Questions for the Communications Department
Questions Regarding the Appropriate Person for Physical Security
Index
520 ## - SUMMARY, ETC.
Summary, etc Make security a priority on your team. Every organization needs a strong security program. One recent study estimated that a hacker attack occurs somewhere every 37 seconds. Since security programs are only as effective as a team's willingness to follow their rules and protocols, it's increasingly necessary to have not just a widely accessible gold standard of security, but also a practical plan for rolling it out and getting others on board with following it. Security Awareness For Dummies gives you the blueprint for implementing this sort of holistic and hyper-secure program in your organization. Written by one of the world's most influential security professionals--and an Information Systems Security Association Hall of Famer--this pragmatic and easy-to-follow book provides a framework for creating new and highly effective awareness programs from scratch, as well as steps to take to improve on existing ones. It also covers how to measure and evaluate the success of your program and highlight its value to management. Customize and create your own program. Make employees aware of the importance of security. Develop metrics for success. Follow industry-specific sample programs. Cyberattacks aren't going away anytime soon: get this smart, friendly guide on how to get a workgroup on board with their role in security and save your organization big money in the long run.
650 #0 - SUBJECT ADDED ENTRY--TOPICAL TERM
Topical term or geographic name as entry element Business enterprises
General subdivision Computer networks
-- Security measures.
650 #0 - SUBJECT ADDED ENTRY--TOPICAL TERM
Topical term or geographic name as entry element Computer security.
830 #0 - SERIES ADDED ENTRY--UNIFORM TITLE
Uniform title --For dummies.
942 ## - ADDED ENTRY ELEMENTS
Source of classification or shelving scheme
Item type BOOK
Holdings
Withdrawn status
Lost status
Source of classification or shelving scheme
Damaged status
Not for loan
Permanent Location COLLEGE LIBRARY
Current Location COLLEGE LIBRARY
Shelving location SUBJECT REFERENCE
Date acquired 2025-05-08
Source of acquisition ALBASA
Cost, normal purchase price 2995.00
Inventory number 54255
Full call number 658.478 W7294 2022
Barcode CITU-CL-54255
Date last seen 2025-04-23
Price effective from 2025-04-23
Item type BOOK