Security Awareness Blog: Author - lspitzner

What You Actually Need is a Security Communications Officer

A number of factors have come together to cause me to rethink our approach to security awareness and training. For years we have discussed the need for organizations to have a dedicated Security Awareness Officer. I'm beginning to think this is wrong. We don't need security awareness officers, what we need are more Security Communications … Continue reading What You Actually Need is a Security Communications Officer


OUCH! Newsletter - Gaming Online Safely and Securely

Folks, this month's OUCH! newsletter is out. For this month we focused on something a bit different, online gaming. Gaming online is a fantastic way to have fun and meet others, but it does come with it's own set of unique risks, especially for kids. Surprisingly, the majority of these risks are not technical but … Continue reading OUCH! Newsletter - Gaming Online Safely and Securely


Developer Awareness Training: How Metrics Help

Guest Editor: Today's post is from Eric Johnson. Eric is a Senior Security Consultant at Cypress Data Defense and the Application Security Curriculum Product Manager at SANS. In this series of posts Eric will take a look at laying a foundation for Developer Security Awareness Training. In the previous post, we laid the foundation for … Continue reading Developer Awareness Training: How Metrics Help


What Should Developer Security Awareness Training Look Like?

Guest Editor: Today's post is from Eric Johnson. Eric is a Senior Security Consultant at Cypress Data Defense and the Application Security Curriculum Product Manager at SANS. In this series of posts Eric will take a look at laying a foundation for Developer Security Awareness Training. In our last post, we discussed improving the security … Continue reading What Should Developer Security Awareness Training Look Like?


A Foundation for Developer Security Awareness Training: What's the Problem?

Guest Editor: Today's post is from Eric Johnson. Eric is a Senior Security Consultant at Cypress Data Defense and the Application Security Curriculum Product Manager at SANS. In this series of posts Eric will take a look at laying a foundation for Developer Security Awareness Training. In our last post , we discussed what we … Continue reading A Foundation for Developer Security Awareness Training: What's the Problem?