Security Awareness Blog: Author - Securing the Human

Mobile Device Security

Editor's Note: This post on mobile device security was originally posted to the SANS Penetration Testing blog by our colleagues Lee Neely & Joshua Wright. It's a good reminder of some key mobile security practices and helpful to raise awareness about simple behaviors that can make a difference. We often get asked for things … Continue reading Mobile Device Security


Stopping Business Email Scams Takes More than Just Phishing Training

A Conversation with the FBI Cybercrimes Division Since January 2015, losses from Business Email Compromise scams (often called BEC) increased 270 percent, according to the FBI cybercrimes division. While CEO Fraud is the most common and fastest growing version, the entire class of business email compromises rely on the same social engineering and targeting … Continue reading Stopping Business Email Scams Takes More than Just Phishing Training


Awareness Training Ranks High in New Cyber Security Report

Key Awareness Findings from the SANS 2016 Survey on Security and Risk in the Financial Sector What if you could peer into the front lines of the battle against cyber threats in the financial services sector? What role does security awareness play in thwarting attacks? The 2016 SANS Survey on Security and Risk in the … Continue reading Awareness Training Ranks High in New Cyber Security Report


Beyond Phishing: Understand the Principles of Social Engineering

Jane works in the accounting department of a medium sized manufacturing company and just completed her annual awareness training before heading home. She passed the phishing module with flying colors and felt ready for any email type attack that may come her way. While retrieving her keys shereceived a phone call on her mobile phone. … Continue reading Beyond Phishing: Understand the Principles of Social Engineering


Less is More: How to Optimize Your Security Awareness Training

It's Thursday and Sue, a 15 year company veteran, sits down to take yet another mandatory training program before the Friday deadline. She's calculated that over the course of her career she has completed hundreds of hours of training. Even though she wants to do the right thing and make the company more secure, her … Continue reading Less is More: How to Optimize Your Security Awareness Training