A theme I sometimes hear from people in the the security community is you can't patch stupid. That "End Users" are too dumb or ignorant to be secured. Wow, I can't think of a more unfounded, prejudice statement. First, "End Users" are people like you and me, so I suggest we start calling them that. … Continue reading Can't Patch Stupidity? Look in the Mirror
Editor's Note: Today's post is from Eric Johnson. Eric is a Senior Security Consultant at Cypress Data Defense and the Application Security Curriculum Product Manager at SANS. In this post Eric replies to a question about what SDLC is and where people can learn more. In a previous post, Beeker posted the comment, "What is … Continue reading Securing the Software Development Lifecycle
Folks, I'm pumped to be part of something new at RSA this year, an event focusing on how the security community can best reach out to and help secure today's kids. I'll be part of a keynote panel with some absolutely amazing other folks to include Alicia Kozakiewicz (if you don't know who that is, … Continue reading What Ideas do You Have to Secure Today's Kids?
Editors Note:Today's guest post is fromAngela Pappas. Angela helps lead the awareness program atThomson Reuters, a global organization with over 58,000 people. In this series of blogs Angela shares with us how she established their Security Ambassador Program. Since the inception of my role in 2012 as a part of the information security training and … Continue reading Motivating Staff to Join the Awareness Cause
Renowned researcher and author John Kotter has been a big influence on how I approach security awareness. His book Leading Change really opened my eyes to the steps to successful organizational change. Twenty years after Leading Change, you can think of Mr. Kotter's latest book Accelerate as an update. While I still think Leading Change … Continue reading Book Review: Accelerate