I have started to put together some resources to teach C suite, maybe new-to-the-field lawyers, other interested stakeholders - about website compliance issues..
looking to mimic other good training / learning materials, extra info to consider, maybe collab and send business I can't take on, etc.
Not the person you are replying to, but I work in security and have spent ~5 years of my career helping various companies set up and maintain security awareness programs.
There are some out-of-the-box solutions that can start you on your way to creating a security awareness training program, such as KnowBe4 and ProofPoint (there are others as well, but these are some of the big names). If you don't have in-house security staff, these types of offerings can be quite helpful.
For a more grounds-up approach, there are guidelines such as the NIST SP 800-50 "Building a Cybersecurity and Privacy Learning Program" guidance. (https://csrc.nist.gov/pubs/sp/800/50/r1/final)
If you have specific questions, I can try to answer them.
While I agree with you, that's why they are a starting point for someone looking to stand up a program, not an end point.
And, from my experience, many of the trainings that seem almost offensively easy to me (e.g. "How to read a URL") have been some of the ones that received the most positive feedback from non-technical departments.
The real key with security awareness training is ensuring the training is at the appropriate level of complexity for the trainee.
Very glad to these options and how they can be perceived by people, this should mean there are paths and that if they can be made better / different for different audiences that they may be well received.
Appreciate you and @ziddoap offering insight!
Looking at starting deck for FTC issues, Hipaa issues, and Google's policies - all for websites and apps specifically very soon and let the videos / webinars / interactive / discussions grow from here.
KnowBe4 is awesome. It trains everyone to be on the lookout. The penalty for barely screwing up is another boring training session that no one has time for. Very painful. Pain is a great teacher.
One way to relieve the boredom is to count the number of times you see the people in videos typing away on desktops/monitors with no cables plugged into them.
I have started to put together some resources to teach C suite, maybe new-to-the-field lawyers, other interested stakeholders - about website compliance issues..
looking to mimic other good training / learning materials, extra info to consider, maybe collab and send business I can't take on, etc.