IN THIS CHAPTER

Incorporating common topics

Including uniquely helpful topics

Saying the things that need to be said

Awareness programs are not prefabricated, like a house — you must customize them to meet the unique needs of an organization. Helping organizations understand their unique needs and collaborating with their leadership and security teams are how you create an awareness program that works. That said, you also find certain building blocks that are common to many security awareness programs. This chapter covers these topics and explains why I often include them in the programs I create. Chapter 6 provides the details you need to consider on these topics.

Phishing

Phishing is the most common attack that leads to damage. Even if you’re dealing with users who don’t use computers regularly, you should likely cover phishing because people will be targeted on their personal systems and the attackers might try to spoof their organization.

Phishing is so important that it’s worth covering as not only an individual topic but one that you should also enhance to cover different topics within the broader topic of phishing. These can ...