Skip to Main Content
Fighting Phishing
book

Fighting Phishing

by Roger A. Grimes
February 2024
Intermediate to advanced content levelIntermediate to advanced
448 pages
9h 22m
English
Wiley
Content preview from Fighting Phishing

CHAPTER 6Creating a Corporate SAT Policy

Chapter 6 will detail how to create a corporate security awareness training (SAT) policy and finish with an example document. If you don't have to create corporate SAT policies, you might consider skipping this chapter. However, it contains concepts and ideas to consider even if you don't need a formal policy. Most people involved in SAT programs will benefit from reading this chapter.

Much of this information was previously included in a KnowBe4 whitepaper written by the author: www.knowbe4.com/typ-wp-example-sat-policy-guide.

Getting Started with Your SAT Policy

Fighting any cybersecurity threat means crafting a detailed, layered, defense-in-depth set of mitigations, including policies, technical defenses, and training. So far, despite more than three decades of the best technical defenses, social engineering and phishing attacks continue to get to end users. End users must be taught how to recognize social engineering and phishing threats and how to treat and appropriately report them. Accordingly, security awareness training (SAT) is among the most high-value mitigations any organization can perform to significantly reduce cybersecurity risk.

All security mitigations should have policies directing their application and use. All SAT programs should begin with or be driven by an SAT policy document. The beginning of this chapter covers the various components that should be covered by any SAT policy. The chapter finishes with a ...

Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
and much more.
Start your free trial

You might also like

Cybersecurity – Attack and Defense Strategies - Second Edition

Cybersecurity – Attack and Defense Strategies - Second Edition

Yuri Diogenes, Dr. Erdal Ozkaya
Critical Infrastructure Security

Critical Infrastructure Security

Soledad Antelada Toledano

Publisher Resources

ISBN: 9781394249206Purchase Link