Designing a Security Awareness Program: Part 1

Abstract This article represents the first of a two-part series on the importance of providing both security awareness and information systems security training to all employees, regardless of their job responsibilities. In this first article, the focus is on the first step of providing computer and information system security—developing and implementing an effective security awareness program. Readers may ask why security awareness is not considered the same as training. The simple answer is because the desired outcome of each is different.