Chapter 2

Starting On the Right Foot: Avoiding What Doesn’t Work


Bullet Making compliance the goal — and nothing more

Bullet Failing to compel compliance

Bullet Overindulging in science with limited practical use

Bullet Mistaking social engineering skills for awareness expertise

Bullet Setting inappropriate expectations

Bullet Valuing products more than process

Bullet Buying into gimmicks that yield no results

Bullet Overestimating the role of security awareness

After working in the security awareness field for 30 years, I have learned the importance of knowing not only what works but also what doesn’t work. In the security awareness field, knowing what doesn’t work is almost more important than knowing what works.

This chapter ...

Get Security Awareness For Dummies now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.