Security Awareness Blog

Albany, NY Presentation Online

I just finished presenting "Securing The Human" at the 13th Annual New York State Cyber Security Conference in Albany, NY. As promised, you can find the slides online here. If you have any questions about the presentation, I would love to hear from you, email me at


Posted June 29, 2010 at 1:44 PM | Permalink | Reply


I think you are right on regarding "Securing the Human." I have seen the power of making users aware of security threats and the actions they may take to help minimize or make you aware of the threat.
I do believe the information has to be presented to users that is tangible and makes sense. Technology scares people and they think it goes over their head, quickly. We need to focus on ways to educate users, so that it "brings it home" to them. If someone breaks into their house, then the risk of "burglary" brings home the fact that they can be robbed, someone can break into their home, etc. However, if they look at or understand how the burglary occurred, and why, they can take the necessary steps to minimize the chances of it occurring again, especially if they are at home.
I believe this same learning process can be applied to security awareness education. We need to use language and examples that users understand. I have my fair share of "user stories" that make you scratch your head, but I don't and never will give up on them. The information needs to be pushed to them in increments that they can safely digest without becoming overwhelmed and want to give up and click the "Cancel" or "Skip" button. I often have to tell people that AV, firewalls, and patching isn't good enough (with today's malware); however, it is a huge help.
We also have to give users hope that they can surf the web and not be overly concerned with the risks. They can, however, follow some basic guidance to help minimize the risks.
I'll stop now, because I can keep going and going.

Posted July 2, 2010 at 9:15 AM | Permalink | Reply


Duane, great points, thanks so much for sharing. If you have some time, I would love to learn more about some of your war stories.