Security Awareness, Education, and Training
Information pertaining to security awareness, education, and training (SATE) programs:
One of the goals to formulating a successful security operation is to inform employees on the importance of information and their role in keeping it secure. A company that offers SATE programs is Science Applications International Corporation (SAIC), which specializes in Innovative applications of technology and expertise. Their SATE program complies with the National Institute for Standards and Technology (NIST) and the National Training Standards from the Committee on National Security Systems (CNSS). The program utilizes a six step process that draws upon their experience in information security, industry best practices, and established educational principles (Unknown 1). Another company that offers their service is SANS (SysAdmin, Audit, Network, Security), which is the most trusted and by far the largest source for information security training and security certification in the world. Their SATE course prepare their students for the Global Information Assurance Certification (GIAC) which has over 10,000 security professionals who have already proven their skills and knowledge to meet our challenging standards. Their instructors are security practitioners in government agencies, corporations, and universities around the world who invest hundreds of hours each year in research and teaching to help the entire information security community (Unknown 2).
Another company researched was QinetiQ and their security solutions center which included a very unique SATE. Because they are a global network I first pinpointed their nearest direct location in North America. Their North America’s Mission Solutions Group designs and presents security courses for a variety of government and commercial clients. Nearly all of their training courses are customized, reflecting the special security concerns and issues most important to the clients. QinetiQ uses its domain knowledge to provide technical advice to customers in the global aerospace, defense and security markets. Their unique positioning enables them to be a trusted partner to government organizations, predominantly in the UK and the US, including defense departments, intelligence services and security agencies (Unknown 3). Judging from the experience I have gathered from thoughtful research, I would have to go along the lines of QinetiQ because of their specialization to the security risks of any one company. It is the most valuable asset, both time and money, one could utilize as a CISO.
Unknown 1. (2010). Security Educaion and Training. SAIC From Science to Solutions. Retrieved from: http://www.saic.com/infosec/training.html
Unknown 2. (2010). Why SANS for Computer and Information Security Training?. SANS. Retrieved from: http://www.sans.org/why_sans.php
Unknown 3. (2010). Security Education and Training. QinetiQ North America. Retrieved from: http://www.qinetiq-na.com/services-security-education-training.htm