Page 168 - CISSO_Prep_ Guide
Training, Awareness, and Education
Employee development takes many forms - from annual reviews
to job action plans, and from training to education. There is little
doubt that one of the best investments an organization can make
is to invest in its employees through training and education.
People need the right skills to do their jobs, and they need to be
challenged and encouraged to keep up their skills and
qualifications. Too many people lose their jobs today and,
because they have not kept up their skills, find it very difficult
to get a new job. A lack of commitment to the organization or
lack of expertise to maintain the systems and networks of the
organization puts the entire organization at risk, not just a single
system or department.
Training provides the specific skills and knowledge needed to
implement, operate, and maintain a system, device, or
application. Education is more well-rounded, often based on soft
skills or more general knowledge that can be used to manage or
assist in decision-making.
Security Awareness
Perhaps the most powerful tool in the arsenal of the security
professional is a strong security awareness program. Security
awareness provides general knowledge to everyone in an
interesting and informative manner. Awareness training ensures
that everyone knows the policies, ethics, procedures, and
security culture of the organization.
Once people are aware of the threats, vulnerabilities, and risks
faced by the organization, they are better prepared to make the
correct decisions. They can work together with the security team