IT Governance Blog on IT governance, risk management, compliance and information security.

How can you increase the effectiveness of your information security awareness training? How can you ensure that your staff are continually reminded of their crucial responsibilities?

Effective information security education is known to be difficult to deliver. While staff induction and the continual training of existing staff are essential, most information security awareness programmes are either overly technical or oversimplified. The result is usually a gap between what typical users know and what they practice, leading to little or no change in their behaviour.

Cartoons and animated images have long been used in the reinforcement of training and staff awareness. They are particularly effective at using simple images to engage staff and convey complex information in a more interesting and often humorous manner.

	Visible Statement Visible Statement delivers critical information security reminders where users need them most – on the screens of their desktop and laptop machines. This unique software package provides high quality, visually exciting animations that make your critically important security messages fun to look at and easy to remember.

The benefits of Visible Statement include:

• Create high levels of awareness concerning your information security policies
• Appears automatically and requires virtually no administration
• Maintain user interest with daily /weekly animation changes
• Messages are 100% customisable to meet specific requirements
• Assists with compliance objectives for ISO27001, HIPAA, SOX and the Data Protection Act.

Visible Statement also provides a large number of static Logon message images to remind users of important security awareness information such as password advice, document disposal, credit card use and checking ID badges.

To see examples of the unique Visible Statement animations, please see:

Visible Statement – Animated Graphics Information Security Awareness Tool

Or call our Customer Service Centre on 0845 070 1750 or email servicecentre@itgovernance.co.uk to discuss your requirements or request a free evaluation copy of the Visible Statement software.

Other ITG Information Security Awareness products and services include:

• Information Security Staff Awareness e-Learning Course
• PCI DSS Online Course, Staff Awareness Edition
• IT Induction and Information Security Awareness Pocket Guide
• ISO27000 and Information Security: A Combined Glossary
• Information Security Awareness Posters

Ten Rules of Information Security for the Smaller Business

This highly-informative pocket guide presents in business, not techie, language the basic commonsense precautions smaller firms need to take to protect themselves from computer disaster, describing how to apply ten easy-to-follow rules that will ensure peace of mind and, more importantly, protect future cash flow. Every business needs to take appropriate steps to protect and store its mission-critical data. And with even the smallest of ‘one man band’ companies now connected to the Internet, and with many SMEs running their own computer networks and websites, business owners need to take cost-effective, practical precautions to take in order to defend themselves against cyber threats.

(more…)

High profile news stories such as the recent Phishing attacks on Web Mail services such as Hotmail and GMail frequently brings the importance of online security to the attention of the general public, but for millions of unsuspecting home owners and smaller businesses it is often too late. Consider:

• There was a 207% increase in account takeover fraud in 2008.
• Online banking fraud has increased by 132%, with losses totalling £52.5m, compared to £22.6m in 2007.
• There were 44,000 phishing websites specifically targeting banks and building societies in the UK in 2008.
• £181.7m of card fraud took place on the Internet in 2008, representing 55.3% of total Card Not Present (CNP) fraud losses.
• Just under 50% of UK businesses experienced a computer security incident (around 860,000). The number having a serious breach has stayed constant at around 25% (around 430,000).
• 16% of businesses experienced an attack from an unauthorised outsider (including hacking attempts) (137,600 incidents).

There are Ten simple steps which will dramatically reduce the liklihood of a business or small home network from falling victim to hackers, phishing attacks, viruses and so on. To find out what these 10 simple steps are simply fill in the form on our website and we’ll email you the free guide immediately.
(more…)

In light of the impending Royal Mail postal strikes we have made permanent arrangements to bypass UK Royal Mail for all overseas customers and we have a low-cost alternative in place to bypass Royal Mail in the UK in accordance with which we will reduce the UK express shipping cost to just £7 from today.

How does this affect customers?

We will continue to offer free standard shipping through to the end of October. This offer is open to all our customer, no-matter where they are in the world, for most online orders through our online store at www.itgovernance.co.uk.
(more…)

IT Governance Publishing is a prolific publisher of Pocket Guides – short, handy guides to specific IT governance, regulatory compliance, information security and business continuity subjects (amongst others), written by subject matter experts.

IT Governance Pocket Guides are an inexpensive way for small and medium sized businesses to gain an understanding of specific compliance issues before they jump in at the deep end.

Many of the Pocket Guides in the ITGP range make for an ideal awareness tool for important business issues such as Information Security, Data Protection and Business Continuity.
(more…)

IT Governance, the one-stop shop for compliance expertise, is taking a lead in National Identity Fraud Prevention Week by launching an online resource for small businesses, or individuals, seeking to strengthen their IT security.

Organisations across the UK are, this week, urging businesses and consumers to take action now to protect themselves against ID fraud.

IT Governance is unveiling a web page, called ‘Keep Safe Online’, packed with information to help people stand firm against attempted breaches of online security, such as phishing attacks on webmail services. The page not only provides links to free online resources, created by organisations from banks to the UK government, but also provides warning stories of what can happen when security attacks succeed. Furthermore, visitors can sign up for a free 10-step guide to online security that will dramatically reduce the likelihood of a business, or home network, falling victim to hackers, phishing attacks and viruses.
(more…)