Security Awareness Blog

SANS MGT433 - Two Day Course on Building a High-Impact Awareness Program

SANS MGT433 is an intense two day course on how to build, measure and maintain a high-impact security awareness program. If you are looking to build a new program and are not sure where to start, or if you have an existing program you need to take to the next level, this is the class … Continue reading SANS MGT433 - Two Day Course on Building a High-Impact Awareness Program


OUCH! is Out - Internet of Things

One a month, every month, the free OUCH! newsletter helps people better understandhow to securely make the most of technology. We want people to embrace what the Internethas to offer, but do it in a safe and secure manner. For May we decided to introduce people to Internet of Things (IoT). IoT devices are quickly … Continue reading OUCH! is Out - Internet of Things


Game On - The Security Awareness Summit Agenda is Released

Folks, I'm super excited to announce the agenda for the Security Awareness Summit 3/4 Aug in San Francisco has been released. Designed for experienced security awareness officers who want to take their security awareness program to the next level, this year's Summit will provide actionable lessons you can take back and apply right … Continue reading Game On - The Security Awareness Summit Agenda is Released


OUCH Newsletter is Out - I'm Hacked Now What?

We are excited to release the April edition of the free, OUCH security awareness newsletter. Led by Uber's Samantha Davison, wecoverthe topic I'm Hacked, Now What. More specifically, wedescribe clues you can use to tell if your system has been hacked, and, if so, what you can do about it. This is a tough topic … Continue reading OUCH Newsletter is Out - I'm Hacked Now What?


Ukrainian Grid Attack: How NERC CIP-like Measures Might Have Helped

Editor's Note: Today's guest blog is published by TedGutierrez, CISSP, GICSP, and GCIH, is the ICS & NERC CIP Product Manager at the SANS Institute and co-author of SANS ICS456 - Essentials for NERC CIP. With the recent release of the E-ISAC and SANS ICS Defense Use Case (DUC) #5 which analyzed the cyber-attack that … Continue reading Ukrainian Grid Attack: How NERC CIP-like Measures Might Have Helped