Visma Security Awareness Program

Additional Info

Job title of nominated professional (or team name)Visma Security Awareness Program
Company (where nominated professional or team is working)Visma
Websitehttps://www.visma.com/
Company size (employees)10,000 or more
CountryNorway
Headquarters RegionEurope

Overview

The identifiable goal for the Visma Security Awareness Program is to change people’s security behaviour. We target two main groups with our awareness initiatives; the first one is Visma employees and the second one is Visma’s external market consisting of clients, users of our products, industry colleagues and everyone else in the world.

The goal of Visma’s Security Awareness Program is to influence and motivate people “to make good security decisions every day”. Regardless of where in Visma you work, or if you are a customer or not, we really want to inspire and motivate people to make good security decisions.

With this in mind, we produce a ton of security initiatives, contents and campaigns, throughout the year, on different security topics and these initiatives are delivered through different channels and through different methods.

These are some examples of security topics (delivered at beginner, intermediate or technical level); social engineering, work from home, Bug Bounty, IT backups, fake news and disinformation, nation state threat actors, passwords, holiday scams, encryption, CEO scams, security tips, and much more.

We believe that the key factors to success with security awareness initiatives, is to always amplify, multiply and repeat all the initiatives, again and again; locally, globally, internally and externally. To create the highest engagement.

We use several channels of communication, such as; traditional media like newspapers, social media, presentations at global conferences, security stands/booths at events, internal meetings, intranet, virtual meetings, workshops and special interest groups (security engineers, OWASP etc.)

The methods through which we spread the security awareness topics are through; videos, live talks, articles, blog posts, podcasts, TV, radio, social media, books, panel discussions, best-practices, white papers, reports, word-of-mouth etc. For example, if we write an article on the topic of Fake News, we amplify and multiply the awareness campaign.

Accomplishments

The goal of Visma’s Security Awareness Program is to influence and motivate people “to make good security decisions every day”. We believe that the key factors to success with security awareness initiatives, is to always amplify, multiply and repeat all the initiatives, again and again; locally, globally, internally and externally. To create the highest engagement.2023’s results, to summarise it a bit;
- 732 LinkedIn posts,
- 141 overall media engagements,
- 132 talks at conferences, webinars and other types of events,
We have done this security awareness work in 10 different countries and 21 cities.


With videos, blog posts and articles we have had almost 200 000 impressions at LinkedIn.
These are high and respectable numbers compared to Visma’s average statistics on our global and local LinkedIn profiles. Approximately 50% of the security awareness work that we have done is online and 50% physical.


We are honoured that 35 security employees, Security Ambassadors, in Visma held presentations at renowned conferences around the world. You can see the people when we honour them in this video at LinkedIn. We gave Diplomas to the security ambassadors to share on LinkedIn.


The Visma blog has a section for security articles where we have 52 blog posts (from 2020). These are used for awareness purposes internally, externally, and we create short videos of them. Visma’s Security research can be followed here.


Creating awareness around some of the security services we have, like our bug bounty program where we have e.g, our Visma “Mother of hackers” (for a more technical audience). Our Chief security officer Espen Agnalt Johansen, in a panel discussion, moderated by recorded future, LinkedIn post. Our Visma SECCON conference has attracted more than 1000 people globally to attend live, as well as being watched afterwards on Youtube.