One of themost common reasons we see organization's fail to establish a mature security awareness programis they fail to start witha plan. You can easily spotsuch anawareness program, theyrandomly pick the topics they communicate, they communicate only a fewtimes a year, they make little if any effort to understand and engage their audience, and … Continue reading The Security Awareness Planning Kit
Editor's Note: Cathy Click is the Project Manager/Event Coordinator for the Security Awareness program at FedEx. She is one of the speakers for the upcoming US Security Awareness Summit in San Francisco August 3/4. Below she discusses her talk on building a security awareness conference. How do you bridge the gap between having employees … Continue reading Building Your Own Awareness Events - At The #SecAwareSummit
space Editor's Note: Today's guest blog is published by Ted Gutierrez, CISSP, GICSP, and GCIH, is the ICS & NERC CIP Product Manager at the SANS Institute and co-author of SANS ICS456 - Essentials for NERC CIP. The July 1, 2016 enforcement date for what is commonly referred to as CIP Version 6 is right … Continue reading Is Your Organization Really Ready For NERC CIP Version 6?
space The June edition of the OUCH newsletter is out. For this month we decided to cover encryption. Far too often we the security community tell people to use encryption, but so many people do not know what encryption is or how to effectively use it. In this newsletter we explain in very simple terms … Continue reading OUCH is out - Encryption
space Editor's Note: This guest blog post is from Dr. Lisa Murray-Johnson, Director of Content Research for SANS Securing The Human. Lisa begins a series of posts on effective content design and learning theory, starting with interactive learning. What is interactive learning? It is the hands on approach to engagement in the learning process. Your … Continue reading Getting Interactive