Security Awareness Blog: Author - lspitzner

Security Awareness Summit - CFP Closed

Folks, the Security Awareness Summit Call for Presenters is now closed. We are thrilled to have received 28 outstanding submissions. Now comes the difficult task of selecting the speakers. Our Board of Advisors will begin the review process and we should have the final select confirmed before the end of March. The upcoming Security Awareness … Continue reading Security Awareness Summit - CFP Closed


Ready - Set - Stop! FERC Postpones CIP Version 5

Editor's Note: This guest post is from Ted Gutierrez,the ICS & NERC CIP Product Manager at the SANS Institute Just when the electric industry thought that they had seen it all, FERC pulls another rabbit out of its hat astonishing audiences near and far. In an order issued today (February 25, 2016) FERC granted a … Continue reading Ready - Set - Stop! FERC Postpones CIP Version 5


Security Awareness Maturity Model - Your Path to Success

After teaching and working with literally hundreds oforganizations on their security awareness program, we know its hard, very hard, to build a mature program. By mature we mean going beyond just changing behavior, but creating a secure culture and having the metrics to prove it. Akey challenge we see time and time againis there are … Continue reading Security Awareness Maturity Model - Your Path to Success


Transforming Your Security Culture - Lab at RSA

I'm excited to announce Dr. Lance Hayden (author of People Centric Security) and I are leading a two hour lab at RSA conference titled Transforming Your Security Culture. This learning lab will link security culture and performance, with "hands on" exercises to teach attendees to measure, manage and transform their own security cultures. Through interactive … Continue reading Transforming Your Security Culture - Lab at RSA


Managing Your Top Human Risks

One of the advantages working at SANS Institute is being surrounded by literally many of the world leaders in information security. At any time I can tap into a global network of experts, from forensics and malware to risk analysis and ICS attacks. One consistent thing I have learned from these people is you never … Continue reading Managing Your Top Human Risks