By: Tonya Mead, CFE, PI, MBA, MA Educational Psychology
In a review of the 2016 SANS Institute Report on security awareness training programs; CSO interviewed Lance Spitzner, Director of the Securing the Human Program at SANS. He summarized the general findings that companies have focused too much on compliance and not enough on behavior modification.
Other articles you may find of interest
- Post- Insider Threats and Data Breaches
- Post- Technology and Cyber Threats in Schools
- Post- Hack to prove enrollment
- Post- Cyber scammers target schools
- Post- 2016 Botnet grade in education- graph
- Post- Botnets and identity theft in education
- Post- WTF? CDI says don’t worry about threat in schools
- Presentation- The exploitation of minors to gain confidential information
- Post- Internet filters and monitors in schools
- Post- Summertime, kids and cyber threats
In Chapter Four of my book, Fraud in Education: Beyond the Wrong Answer, I proposed the inclusion of an employee recognition and reward program as an adaptation of the Wortley Classification Table of White Collar Crime Prevention [1] [2]. Definitive research in the compliance field asserts that “incentives help drive behavior” [2]. The finalized table is visualized in Image 33 preceded by an extensive discussion in my book, on page 104.
Tonya J. Mead, CFE, PI, MBA, MA, Certified K-12 Administrator and School Psychologist is author of Fraud in Education: Beyond the Wrong Answer and president of Shared Knowledge, LLC https://ishareknowledge.com
Sources:
- T. Mead, Fraud in Education: Beyond the Wrong Answer, Shared Knowledge, LLC, November 2016.
- R. Wortley, “A Classification of Techniques for Controlling Situational Precipitators of Crime,” Security Journal. 14: p. 63-82, 2001.
- J.E. Murphy, “Using Incentives in Your Compliance and Ethics Program,” Society of Corporate Compliance and Ethics, Minneapolis, MN, 2011.