Information Security Service Branding
– beyond information security awareness
Rahul Rastogi, Rossouw Von Solms
End-users play a critical role in the effective implementation
and running of an information security program in any
organization. The success of such a program depends primarily
on the effective implementation and execution of associated
information security policies and controls and the resultant
behavior and actions of end-users. However, end-users often
have negative perception of information security in the
organization and exhibit non-compliance. In order to improve
compliance levels, it is vital to improve the image of
information security in the minds of end-users. This paper
borrows the concepts of brands and branding from the domain
of marketing to achieve this objective and applies these
concepts to information security. The paper also describes a
process for creating the information security service brand in
the organization. Full Text
|