Security Awareness Program Design and Implementation
ScottMadden developed requirements, selected a security awareness vendor based on leading practices, and established a leading practices security awareness program.
Utility Peer Group Discovery
- Polled and interviewed utility peer groups to assess information security awareness and habits of utilities in similar industry niche
Established Standards
- Evaluated existing processes and developed recommendations based on business requirements and industry best practices
Staff Education
- Conducted workshops and developed awareness training program requirements to communicate workplace standards
Challenge
A large U.S. energy company struggled to ensure their employee population was aware of their security risks. The security organization needed a way to reach out to all of the employees in a meaningful way to break through the noise and begin to establish a culture of security awareness.
Process
- Interviewed key stakeholders to understand their current efforts around security awareness
- Polled and interviewed peer group of utilities to provide insight into security awareness best practices
- Evaluated client’s current security awareness program against an established best practice
- Developed awareness training program requirements and workshopped them to understand priorities
- Conducted workshops with key stakeholders to develop and prioritize solutions and implementation plans
- Evaluated vendors against requirements and best practices to determine best fit
- Established programmatic themes and multichannel approach to security awareness to facilitate culture of security
Result
- An enhanced security culture within the organization
- Creation of a new security awareness program with multichannel marketing throughout the enterprise
- A security roadmap addressing identified gaps and improving information security awareness
Related Insights
Effective Change Management for Government Contractors
Case Study
ScottMadden led the change management planning and execution for the rollout of an out-of-the-box program management tool.
Information Security Program Development
Case Study
ScottMadden developed, documented, and supported the implementation of a multidivisional information security program for a specialized utility service provider.
Cybersecurity Risk-Based Business Plan
Case Study
ScottMadden supported the preparation and planning of a cybersecurity framework and effectively communicated with multiple stakeholder groups the benefits the business could expect to see.
Let’s Work Together
We don’t solve problems with canned methodologies. We help you solve the right problem in the right way. Our experience ensures that the solution works for you.