Security Awareness Blog: Category - Security Awareness Materials

Fiction Sometimes Eerily Like Future Reality

Editor's Note: This is a guest Blog Post from Ted Gutierrez, Ted is the ICS & NERC CIP Product Manager at the SANS Institute. In this post he discusses "Anatomy of an ICS Attack". By now anybody who follows cybersecurity news has probably heard about the December 23, 2015 attack on the Ukrainian electric … Continue reading Fiction Sometimes Eerily Like Future Reality


A Primer on Risk and Security Awareness

We talk alot about human risk in the world of security awareness, but rarely have I seen it defined, especially at a high level that anyone can understand. As such, I wanted to take a step back and give you a simple overview of what exactly risk is, and the role security awareness plays in … Continue reading A Primer on Risk and Security Awareness


Ukrainian Power Grid Attack -- Not Hype

Editor's Note: This Guest Blog postis byTed Gutierrez, a member of the SANSICS & NERC CIP team. When reports of a December 23, 2015 Ukrainian power outage linked to a coordinated malware attack first began to surface, I was skeptical. I'd previously written about vulnerabilities inherent in the US electric grid but had cautioned against … Continue reading Ukrainian Power Grid Attack -- Not Hype


SANS Securing The Human Named Leader in Gartner Magic Quadrant

We are honored and thrilled to announce that SANS Securing The Human has been named by Gartner, Inc. as a Leader in the 2015 Magic Quadrant for Security Awareness Computer-Based Training. In addition to being recognized for completeness of vision, we were ranked above all other organizations in our ability to execute. With over 1,000 … Continue reading SANS Securing The Human Named Leader in Gartner Magic Quadrant


Drilling Down Into the FORCE Model of Highly Reliable Security Programs

Editor's Note: This Guest Blog series is by Lance Hayden, an expert in human security and the author of IT Security Metrics and People-Centric Security. In my previous two blog posts I described highly reliable security programs (HRSPs) and why they are successful, along with the Security FORCE Model that defines their characteristics. In this … Continue reading Drilling Down Into the FORCE Model of Highly Reliable Security Programs