Security Awareness Blog

Why The Spectacular Growth in Ransomware?

Ransomware has become the attack 'du-jour' for cyber criminals, with successful attacks and reported paymentsall over the news (Brian Krebs being one of my all time favorite resources on the topic). However a question I have not seen answered is WHY are we seeing such an explosion? Running the Honeynet Project for ten years … Continue reading Why The Spectacular Growth in Ransomware?


OUCH Newsletter is Out - CEO Fraud

We are excited to announce this month's OUCH! security awareness newsletter - CEO Fraud. We chose this topic due to the dramatic rise in CEO Fraud attacks. What makes these attacks so powerful is that not only are they targeted, but most security technologies fail to detect them, there are nomalicious links or infected attachments … Continue reading OUCH Newsletter is Out - CEO Fraud


NERC CIP Compliance - The Challenge Is Just Beginning

Editor's Note: Today's guest blog is published by Ted Gutierrez, CISSP, GICSP, and GCIH, is the ICS & NERC CIP Product Manager at the SANS Institute and co-author of SANS ICS456 - Essentials for NERC CIP. Anyone familiar with the NERC Critical Infrastructure Protection (CIP) standards is painfully aware that July 1, 2016 is … Continue reading NERC CIP Compliance - The Challenge Is Just Beginning


European Sec Awareness Summit - Call For Papers

I'm super excited to officially announce the Call For Papers for the European Security Awareness Summit to be held in London on Friday, 11 November. If you are actively involved in building yoursecurity awareness program, or you have expertise and experience in helping others build their programs, we want to hear from you. We are … Continue reading European Sec Awareness Summit - Call For Papers


Managing Your Top Three Human Risks

Akey requirement to amature security awareness program is identifying yourtop human risks and focuson just those risks. Far too often organizations randomly picktheir topics based on the latest attacks they see in the news or attempt to eliminate all human risk bycovering a myriad of topics. As a result, employees are bombarded with numerous, haphazard … Continue reading Managing Your Top Three Human Risks