Security Awareness Blog: Author - lspitzner

Book Review - Leaders Eat Last

As the book title sounds, "Leaders Eat Last" is a book on leadership. I read this book as it was recommended by several security awareness officers I know. Instead of a book on data driven management, the book focuses on the human element of leading. The book is fascinating as Simon Sinek goes into the … Continue reading Book Review - Leaders Eat Last


2015 Verizon DBIR - From a Securing The Human Perspective

After reading the 2015 Verizon Data Breach Investigations Report (DBIR) I wanted to share with you my thoughts from a security awareness / human behavior perspective. Before I do, I just wanted to share a big thanks with Bob Rudis (@hrbrmstr) and the DBIR team, they did an amazing job. For those of you who … Continue reading 2015 Verizon DBIR - From a Securing The Human Perspective


Target: Healthcare Organization

Editor's Note: SANS & NH-ISAC have just released the whitepaper: The What, Where and How of Protecting Healthcare Data by authors James Tarala and Kelli K Tarala. Below is an excerpt, the full paper is available for download at: http://www.sans.org/u/3fO. A healthcare organization is responsible for protecting a patient's most private information; their medical record. … Continue reading Target: Healthcare Organization


Can't Patch Stupidity? Look in the Mirror

A theme I sometimes hear from people in the the security community is you can't patch stupid. That "End Users" are too dumb or ignorant to be secured. Wow, I can't think of a more unfounded, prejudice statement. First, "End Users" are people like you and me, so I suggest we start calling them that. … Continue reading Can't Patch Stupidity? Look in the Mirror


Securing the Software Development Lifecycle

Editor's Note: Today's post is from Eric Johnson. Eric is a Senior Security Consultant at Cypress Data Defense and the Application Security Curriculum Product Manager at SANS. In this post Eric replies to a question about what SDLC is and where people can learn more. In a previous post, Beeker posted the comment, "What is … Continue reading Securing the Software Development Lifecycle