Worldwide [change] |Account |Register |About Cisco
Guest

Hierarchical Navigation

Security Center

Security Awareness

Security Awareness at Cisco and in Your Enterprise

"Because the network is a strategic customer asset, the protection of its business-critical applications and resources is a priority."

John Chambers,
Cisco CEO and President

Information security and the protection of information assets and intellectual property begin with awareness and education. To develop and preserve a culture of security in any organization, recognize that responsibility and accountability resides with all employees.

At Cisco, the executive team has embedded security into corporate initiatives and its code of business conduct, and employees are assimilating security in their daily activities. With employees educated about the importance of security and raised awareness throughout the organization, everyone works together toward the common goal of keeping the company and its partners and customers secure.

The Cisco Security Awareness Program helps to:

  • Make security pervasive, extensive, and unobtrusive across the company
  • Change behavior through active, positive reinforcement, rewards and incentives, and cross-collaboration
  • Protect intellectual assets and computing resources

Create Security Awareness in Your Enterprise

"Security is about risk tolerance, an individual's actions and responsibilities, and applied technology. At Cisco, we are all accountable for our actions and rewarded for leadership behaviors that help keep our customers, partners, suppliers, and ourselves as secure as possible. Awareness and education are vital for our success."

John N. Stewart,
Cisco Vice President and Chief Security Officer

These tips will help you to build an effective security awareness program in your enterprise:

  • Get buy-in from upper management: When the CEO says security is important and practices what he preaches, employees take notice. The same goes for all executives and managers down the line.
  • Appoint the right person(s) to lead the charge: Dedicate at least one person to focus 100 percent of their energy on security awareness across the organization. Be sure to appoint an individual who has exemplary communications skills and knows how to sell, market, and build relationships.
  • Conduct extensive research: Understand the target audiences and their organizational culture to customize your message for greater retention.
  • Build relationships: Security messages must permeate the enterprise for the awareness program to be successful. With minimal resources to carry out the program, it’s important to build strong relationships, engage influencers, and nurture those connections.
  • Create security ambassadors: Security ambassadors are the individuals in your organization who are willing to evangelize security awareness and directly influence behavior change.
  • Identify the right communications vehicles: Look for opportunities to tell the security story. Include your message at special events, such as management summits and global sales meetings, and use newsletters that are already in circulation. Don’t be afraid to reuse initiatives that have worked in the past.
  • Use credible sources: When communicating to large audiences, feature people who are recognized and trusted and use respected communications vehicles.
  • Keep your messages short and simple: Short, clear messages are easier to retain. Keep in mind that message retention comes from a continuous, sustaining program, so repetition is a must.
  • Use rewards and recognition: Develop a system that rewards individuals who have gone “above and beyond” to affect change. Include monetary incentives, and companywide recognition.
  • Make training companywide: Make training available at every level and encourage participation. When everyone is on board, the results can be impressive.

To learn more about Cisco security awareness, send email to: infosec-aware@cisco.com.
Resources

Articles

On Their ToesContent will open in a new window
Fed Tech describes how technology companies make sure employees always have security on the brain.

Creating the Culture of Security: Cisco Systems Offers 10 Tips for Building a Business of Pervasive Security (PDF - 340k)
Supplement in the August issue of CSO Magazine

Brochures

Cisco Security Awareness (PDF - 530k)
This brochure shows how to create an effective security culture through awareness.

Videos

Cisco Security Champions
This award-winning training—tied to the Cisco Code of Business Conduct and meeting law mandates for security awareness training—educates users on specific proactive behaviors needed to protect Cisco and you.

We are the Targets
This 2006 Marcom Creative Award winning video stresses the importance of information and physical security awareness at large venues.

Related Links