The Security Awareness Maturity Model was developed five years ago by a community of security awareness officers to solve a problem. Specifically the awareness communityneeded a way to visually communicate whatstagea security awareness program was currently at and where the organizationwanted to take it. The Security Awareness Roadmap builds on the maturity model by definingeach … Continue reading Security Awareness Roadmap - Updated Version
Ransomware has become the attack 'du-jour' for cyber criminals, with successful attacks and reported paymentsall over the news (Brian Krebs being one of my all time favorite resources on the topic). However a question I have not seen answered is WHY are we seeing such an explosion? Running the Honeynet Project for ten years … Continue reading Why The Spectacular Growth in Ransomware?
We are excited to announce this month's OUCH! security awareness newsletter - CEO Fraud. We chose this topic due to the dramatic rise in CEO Fraud attacks. What makes these attacks so powerful is that not only are they targeted, but most security technologies fail to detect them, there are nomalicious links or infected attachments … Continue reading OUCH Newsletter is Out - CEO Fraud
Editor's Note: Today's guest blog is published by Ted Gutierrez, CISSP, GICSP, and GCIH, is the ICS & NERC CIP Product Manager at the SANS Institute and co-author of SANS ICS456 - Essentials for NERC CIP. Anyone familiar with the NERC Critical Infrastructure Protection (CIP) standards is painfully aware that July 1, 2016 is … Continue reading NERC CIP Compliance - The Challenge Is Just Beginning
I'm super excited to officially announce the Call For Papers for the European Security Awareness Summit to be held in London on Friday, 11 November. If you are actively involved in building yoursecurity awareness program, or you have expertise and experience in helping others build their programs, we want to hear from you. We are … Continue reading European Sec Awareness Summit - Call For Papers