Security Awareness Blog: Author - Securing the Human

Educause Top 10

Information Security Tops List of Higher Ed IT Issues In a recent poll conducted by the EDUCAUSE Higher Education Information Security Council (HEISC), information security emerged as the top issue in its yearly list of Top 10 IT Issues. … Continue reading Educause Top 10


Video: Seven most dangerous new attack techniques - RSA 2017 Keynote

UPDATE: Cybersecurity experts Ed Skoudis, Michael Assante, Johannes Ullrich, James Lyne and SANS Founder Alan Paller will answer many of the 100+ questions they were not able to cover in the live session. Watch a special webcast following the wildly popular RSA Keynote The Seven Most Dangerous New Attack Techniques, and What's Coming Next. … Continue reading Video: Seven most dangerous new attack techniques - RSA 2017 Keynote


2017 Planning Ideas and 2016 Lessons Learned

Amplify Your Security Awareness Program in 2017 At the end of December I led a webcast reviewing some of the key lessons learned in 2016 and what we can do in 2017 to keep improving the practice, and impact, of security awareness programs. After working with hundreds of clients and awareness officers from around … Continue reading 2017 Planning Ideas and 2016 Lessons Learned


Mobile Device Security

Editor's Note: This post on mobile device security was originally posted to the SANS Penetration Testing blog by our colleagues Lee Neely & Joshua Wright. It's a good reminder of some key mobile security practices and helpful to raise awareness about simple behaviors that can make a difference. We often get asked for things … Continue reading Mobile Device Security


Stopping Business Email Scams Takes More than Just Phishing Training

A Conversation with the FBI Cybercrimes Division Since January 2015, losses from Business Email Compromise scams (often called BEC) increased 270 percent, according to the FBI cybercrimes division. While CEO Fraud is the most common and fastest growing version, the entire class of business email compromises rely on the same social engineering and targeting … Continue reading Stopping Business Email Scams Takes More than Just Phishing Training