Security Awareness Blog: Category - Security Awareness Communications

Tuning the Human Sensor with Phishing Attacks

I've posted several times about the tremendous value of an active phishing assessment program. Not only does it result in effective behavior change, but based on my experience phishing assessments are positive and a highly engaging way to reach people. In may ways it becomes a challenge of who can 'spot the phish' first, gamifying … Continue reading Tuning the Human Sensor with Phishing Attacks


Top 3 Reasons Security Awareness Training Fails

Continuing our top three trend I wanted to share the top three reasons I see awareness programs fail. By fail I mean they do not have an impact. If compliance is your only goal, this is much simpler to achieve. Having an impact through behavior change is a far greater challenge. 1. No Plan: This … Continue reading Top 3 Reasons Security Awareness Training Fails


Security Awareness Training - Starting With Project Charter

I recently took Jeff Frisk's MGT 525 course on project planning. This is a great class to take if you are going to be working on any large scale or long term project, such as a security awareness program. What I liked best about his course is it brings structure to planning such a program … Continue reading Security Awareness Training - Starting With Project Charter


How to Effectively Reward Secure Behaviors

One of the challenges with creating a high-impact security awareness program is how do you reward good behavior? Obviously enforcement is important to any awareness program, but at some point we need to combine that with positive reinforcement. However this is not as simple as it seems, it turns out rewarding good behavior can have … Continue reading How to Effectively Reward Secure Behaviors


Gamifying Security Awareness

One of the challenges we have with security awareness is when you come down to it, awareness training and education can become boring over time. Yes there are steps you can take to make it exciting, and there are many things you can do to sexy training up, but how often do you have employees … Continue reading Gamifying Security Awareness