Security Awareness Blog: Author - Securing the Human

2017 Planning Ideas and 2016 Lessons Learned

Amplify Your Security Awareness Program in 2017 At the end of December I led a webcast reviewing some of the key lessons learned in 2016 and what we can do in 2017 to keep improving the practice, and impact, of security awareness programs. After working with hundreds of clients and awareness officers from around … Continue reading 2017 Planning Ideas and 2016 Lessons Learned


Mobile Device Security

Editor's Note: This post on mobile device security was originally posted to the SANS Penetration Testing blog by our colleagues Lee Neely & Joshua Wright. It's a good reminder of some key mobile security practices and helpful to raise awareness about simple behaviors that can make a difference. We often get asked for things … Continue reading Mobile Device Security


Stopping Business Email Scams Takes More than Just Phishing Training

A Conversation with the FBI Cybercrimes Division Since January 2015, losses from Business Email Compromise scams (often called BEC) increased 270 percent, according to the FBI cybercrimes division. While CEO Fraud is the most common and fastest growing version, the entire class of business email compromises rely on the same social engineering and targeting … Continue reading Stopping Business Email Scams Takes More than Just Phishing Training


Awareness Training Ranks High in New Cyber Security Report

Key Awareness Findings from the SANS 2016 Survey on Security and Risk in the Financial Sector What if you could peer into the front lines of the battle against cyber threats in the financial services sector? What role does security awareness play in thwarting attacks? The 2016 SANS Survey on Security and Risk in the … Continue reading Awareness Training Ranks High in New Cyber Security Report


Beyond Phishing: Understand the Principles of Social Engineering

Jane works in the accounting department of a medium sized manufacturing company and just completed her annual awareness training before heading home. She passed the phishing module with flying colors and felt ready for any email type attack that may come her way. While retrieving her keys shereceived a phone call on her mobile phone. … Continue reading Beyond Phishing: Understand the Principles of Social Engineering