Symantec Announces Security Awareness Program
Security solutions provider Symantec announced the release of the second version of its Security Awareness Program. The curriculum, an updated, all-inclusive suite of training and communication tools, assists organizations with meeting regulatory requirements for employee security awareness training, while reducing vulnerabilities and creating a more security-conscious workforce.
“The audience for this is the general workforce,” said Kathy Coe, Symantec’s director of education services. “It’s intended for employees across the board in any organization.”
The Security Awareness Program’s content addresses both general IT security principles and methods specific to each company. “The focus of what we convey to a customer is what we call ‘security best practice,’” Coe said. “In general, this is what you as an employee need to be aware of within an organization. What we’ve built in is the ability for the customer to customize the offering. Within every organization, there are certain specific security policies and procedures. What can be augmented by the customer is additional information about their company’s specific procedures.”
All of the information is delivered through a primary program of computer-based training, as well as a set of supplemental paraphernalia—such as screen savers, posters and brochures—that present IT security practices in a concise, straightforward manner, Coe said. “The Web-based training of the offering is intended for installation on a customer’s corporate intranet. The program includes 10 different relevant security topics. We surround it with some other tools that we provide as part of the Web-based training that organizations can roll out to their employees. It becomes a more comprehensive program that’s supported with different mediums and venues for getting the information across.”
There are many benefits for organizations that implement programs to raise their workforce’s awareness of IT security issues. Particularly significant are compliance concerns that have appeared since the passage of privacy legislation like HIPAA, Coe said. “Many organizations are pressured because of regulation. Financial institutions and health-care institutions are being mandated as part of security and privacy issues to roll out employee security awareness training.”
In addition, the rise of security breaches at companies, more than half of which are generated internally, is another problem that can be dealt with through IT security training for employees. “Organizations are impacted internally every day of the week by viruses, worms, etc.,” Coe said. “It primarily has to do not so much with malicious behavior, but pure ignorance on the part of employees.”
Another advantage of Symantec’s Security Awareness Program is that those who complete it receive a certificate of achievement, along with five continuing professional education (CPE) credits for the Certified Information Systems Security Professional (CISSP) certification offered by the security credentialing organization (ISC)2.
For more information, see http://www.symantec.com/index.htm.