Link to home
Start Free TrialLog in
Avatar of freebeee01
freebeee01

asked on

What are some good questions to ask a service provider about Security Awareness Training that they have to offer?

We are looking at a provider called "Knowbe4". I want to come up with some questions about there services to dig deeper into what they can provide as far as security awareness. Before I have a meeting/call with them, I want to know what questions should I be asking them to make sure I get what I need out of there services? Please list a few high level questions. Thank you.
Avatar of netcmh
netcmh
Flag of United States of America image

I would like to know how the training provider would push for changing the status quo. What means would they have as their primary channel for awareness training. I mean videos or Powerpoint slides are good, but how can we make it better? Making the training fun and interactive would help drive the points home.

Awareness programs and security trainings are 2 separate things. How would they be able to influence the behavior change in your users? All of your users, don't skip on the per-diems or contract emps. Awareness should not be just a “check the box" exercise.
Also, how would they provide measurement? How would the awareness be measured?
ASKER CERTIFIED SOLUTION
Avatar of Sean Jackson
Sean Jackson
Flag of United States of America image

Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
Avatar of freebeee01
freebeee01

ASKER

Those are some good questions. I need a few more. Something along the lines of how should I execute or implement this in my environment, so forth and so on.
I would anticipate they would address those questions in your initial conversation.

Meaning, they're going to bring it up, not you.
This is SAAS (100% Cloud base training). I will be the facilitator/trainer for my company responsible for registering users,  reminding users to sign up for the training and do the exercise. The service will also provide templates that I can send to my users as an email to test them after they receive the training. I have a few questions for those that have incorporated this in there place of work.

1. What are some ideas to make training fun and interactive?

2. What are some corrective options/actions to deal with my employees who fail the PST (Phishing Security Test) after they have been given the training?

3.  What is the best approach to incorporate security awareness for new employees during their orientation when they hop on board? Maybe train HR personal so they will know how to provide a brief overview to the new employees in a form of a slide show, video, etc? I dont know, what's the best approach? Does anyone have any experience with this?

4, Also thinking about placing posters in certain areas of our building to encourage people to take the training, are there any posters online so that I can print it out?

5. How often should do the PST with my users, and why?

Anything else creative that I can do, let me know.
SOLUTION
Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial