Security Awareness Blog: Author - lspitzner

Time for Password Expiration to Die

Editor's Note: This is based on a post I did to the SANS GIAC maillist. I've been meaning to blog about password expirationsand this was the kick in the butt I needed. This is also the perfect example of the saying - "amateurs mitigate risk, professionals manage risk ." Per Thorsheim, Cormac Herley, I and … Continue reading Time for Password Expiration to Die


Security Awareness - The Challenge of Middle Management

Oneof the best things I love about teaching SANS MGT433 around the world is I get to learn what are the most common challenges security awareness professionalsface on a global level. A common challengeI'm seeing pop-up in the last 6-12 months is middle management. A lot of you are reporting you are getting the … Continue reading Security Awareness - The Challenge of Middle Management


Guest Blog - Nudging Towards Security - Part 4

Editor's Note: This is a part of a series of blog posts by Sahil Bansal from Genpact on the topic Nudging Towards Security. Making Security Personal Traditional Approach of Security Communications - Employees behave in a particular way because there is something that motivates them to do so. Traditionally, the information security teams of organizations … Continue reading Guest Blog - Nudging Towards Security - Part 4


RSAC Lab: Achieving and Measuring Success with the Security Awareness Maturity Model

Note: At RSA Conference 2017 I taught a two hour labon the Security Awareness Maturity Model. Specifically what the model is, how to leverage the model in establishing a mature awareness program and the ability to measure your program. This summary was written as a follow-up forthe students who took the lab. Due … Continue reading RSAC Lab: Achieving and Measuring Success with the Security Awareness Maturity Model


#OUCH Newsletter is Out - Using Mobile Apps Securely

The Marchedition of the OUCH! security awareness newsletter is out. For March we focus on mobile devices, specifically Using MobileApps Securely. What makes mobile devices so powerful are the hundreds of thousands of different apps you can choose from. However all those choices can also bring unique dangers. That is why we are so thrilled … Continue reading #OUCH Newsletter is Out - Using Mobile Apps Securely