Countywide Security Awareness Training Program

About the Program

Category: Information Technology (Best in Category)

Year: 2023

As part of San Bernardino County’s (County) SBSafe Initiative, the Countywide Information Security Program (CISP) includes numerous subprograms. One of the most critical subprograms is the Security Awareness Training Program (Program). Based on industry research this area of cybersecurity plays a critical role in mitigating cybersecurity risks. The Program is designed to educate County employees on security risks, best practices, and how to identify and respond to cybersecurity attacks while visiting internet sites, using email, social media, mobile apps, and more. Our Program is not the traditional and typical 20th century online computer-based training to check-the-box for security compliance. We innovated a methodology that is two-fold, while addressing 21st century security challenges and issues. Besides delivering relevant cybersecurity training to help guard against data breaches, malware infections, and phishing/ransomware attempts, we also measure outcomes for each employee and their department from a risk management perspective and principles utilizing artificial intelligence (AI). This innovative Program promotes a security culture by ensuring each employee understand they are our human firewall. Our core curriculum is robust that instructs employees how to be more responsible in safeguarding residents and citizens data, and appropriate use of County technologies (including cloud), online behavior, and computer equipment.