Most security awareness programs suck. They involve canned video presentations or someone from HR explaining computer use policies. Others are extremely expensive and beyond the reach of the budgets of smaller organizations.
This talk from DerbyCon will show you how to build a security awareness program from scratch for little or no money, and how to engage your users so that they get the most out of the program.
Authors: Bill Gardner is an associate professor at Marshall University. Valerie Thomas is a Senior Information Security Consultant for Securicon.
To learn why we need more security awareness programs, read this column by Kai Roer.