Title: A FRAMEWORK FOR INFORMATION SECURITY AWARENESS PROGRAMS
Abstract: The importance of information security cannot be overemphasized in today 's networked corporate world.A major component of reducing the risk of security breach in information assets is by implementing an effective security awareness program in organizations.Empirical data for this research is based on a study of two highly regulated industries -Banking and Insurance -in Puerto Rico Metropolitan Area.In this paper, we look into the various factors that go into the designing an effective security awareness program and how such a program can help companies reduce the risk of security breach.Management support is very important for the success of the program.We analyze methods for building a successful security awareness program and present a set of recommendations for strengthening the program.