1st Edition

Security Awareness Design in the New Normal Age

By Wendy F. Goucher Copyright 2023
    136 Pages 25 B/W Illustrations
    by CRC Press

    People working in our cyber world have access to a wide range of information including sensitive personal or corporate information which increases the risk to it. One of the aspects of the protection of this data is to train the user to behave more securely. This means that every person who handles sensitive information, their own or that of other people, be aware of the risks that their use can pose as well as how to do their job in such a way as to reduce that risk.

    The approach we use for that is called ‘Security awareness’ but would be more accurately described as security ‘un-awareness’ because most of the problems come where the user doesn’t know about a risk from their behaviour, or its potential impact. In these post COVID days of ‘New Normal’ working, in which staff spend more of their time working at home, organisations are still responsible for the protection of sensitive personal and corporate data. This means that it is more important than ever to create an effective security awareness communication process.

    This book will primarily consider the problem of hitting that ‘Sweet Spot’ in the age of ‘New Normal' working, which means that the knowledge about secure practice is not only understood and remembered, but also reliably put into practice – even when a person is working alone. This will be informed by academic research as well as experience, both my own and learnt from my fellow professionals, and then will be used to demonstrate how ‘New Normal’ working can improve security awareness as well as challenge it.

    Chapter One

    What is Security Awareness and why should you care?

    Chapter Two

    Security Awareness and protecting information through history.

    Chapter Three

    The challenges of communicating about security awareness

    Chapter Four

    Taking on an invisible threat

    Chapter Five

    Turning ‘Behavioural Intent’ into Habitual behaviour.

    Chapter Six

    The Challenges of the COVID years and the ‘New Normal’

    Chapter Seven

    Security Awareness programs and Mental Health in the ‘New Normal Age’

    Chapter Eight

    Looking back at the start of ‘New Normal’ working: a case study

    Chapter Nine

    Carrying the forward the loot from the hard- fought battle *

    Chapter 10

    "They think it’s all over ……"



    Wendy Goucher is an Information Security and Risk Consultant at Goucher Consulting. Most of her work is focused on working with organisations to devise policy and procedures that are both compliant with external rules and operationally effective. Wendy has also designed and delivered security awareness programs and material in a range of organisations including a FTSE 100 organisation. She also used her training and experience as a lecturer as part of a team that produced the teaching materials for a security awareness curriculum to be rolled out to children ages 5 to 18 in a middle eastern country. More recently Wendy is the author of the successful ‘Nettie in Cyberland’ series of books which use stories to start the conversation about cyber security between children around the age of five and their parents and carers. Her other books include Information Security Auditor: Careers in Information Security (BCS Guides to IT Roles) 2015 and has co-authored The CIO’s Guide to Information Security Incident Management in 2018.