Overview
The article discusses LinkedIn's Security Champions Program, which was established to enhance internal security initiatives by training engineers to become security advocates within their teams. It outlines the program's structure, goals, and the benefits for both the participants and the organization.
What You'll Learn
1
How to create a Security Champions Program tailored to your organization
2
Why engaging engineers in security initiatives is crucial for organizational safety
3
How to implement hands-on training methods like Capture the Flag competitions
Prerequisites & Requirements
- Basic understanding of information security principles
- Experience working in an engineering role
Key Questions Answered
What is the purpose of LinkedIn's Security Champions Program?
The Security Champions Program aims to enhance security awareness among engineers by training selected individuals to become security advocates within their teams. This initiative helps improve LinkedIn's overall security posture and provides engineers with valuable skills for their careers.
How does the Security Champions Program structure its training?
The program is divided into two main phases: the first quarter focuses on security training, while the second quarter is dedicated to achieving milestones through practical projects. This structure ensures that participants gain both theoretical knowledge and hands-on experience.
Who can become a Security Champion at LinkedIn?
Any engineer with good situational awareness and a passion for information security can become a Security Champion. No prior infosec knowledge is required, making the program accessible to a broad range of candidates.
What are the expected time commitments for Champions in the program?
Champions are expected to dedicate at least 10 hours per week to the program, which replaces their regular work hours. This commitment is crucial for ensuring they can fully engage with the training and projects.
Key Statistics & Figures
Number of Champions graduated
More than 50
This number reflects the success and growth of the program since its inception.
Time commitment for Champions
25%
Champions dedicate 25% of their working time to security initiatives during the program.
Technologies & Tools
Training
Stanford Advanced Computer Security Certificate Program
This program is utilized to supplement in-house training for Champions, providing a well-rounded curriculum on security design principles.
Key Actionable Insights
1Implementing a Security Champions Program can significantly enhance your organization's security posture by fostering a culture of security awareness among engineers.By training engineers to be security advocates, organizations can leverage their existing talent to improve security practices and reduce vulnerabilities.
2Incorporating hands-on training methods, such as Capture the Flag competitions, can make security training more engaging and effective.These competitions provide practical experience and help reinforce the concepts learned during training, making the learning process more impactful.
3Regularly soliciting feedback from program participants can help refine and improve the Security Champions Program over time.Listening to the experiences of Champions allows organizations to adapt the program to better meet the needs of participants and enhance its effectiveness.
Common Pitfalls
1
One common challenge is keeping Champions engaged due to conflicting work priorities and the time commitment required for the program.
To mitigate this, it's important to secure managerial support during the nomination process, ensuring that Champions can dedicate the necessary time without compromising their regular responsibilities.
Related Concepts
Information Security Best Practices
Employee Engagement In Security Initiatives
Hands-on Security Training Methods