Security Awareness Blog: Category - Security Awareness Planning

Motivating Staff to Join the Awareness Cause: What the Ambassador Pilot Taught Us

Editors Note: Today's guest post is from Angela Pappas. Angela helps lead the awareness program at Thomson Reuters, a global organization with over 58,000 people. In this series of blogs Angela shares with us how she established their Security Ambassador Program. About a month ago I wrote a blog about the Information Security Ambassador program … Continue reading Motivating Staff to Join the Awareness Cause: What the Ambassador Pilot Taught Us


RSA Panel: Protecting Our Youth from the Wolves of Cyberspace

Last week I had the amazing opportunity to be part of the RSA Keynote panel on protecting kids online. The goal of the panel was to raise awareness of the risks kids face online today, but also just as importantly what we can do about it. I've been actively presenting around the world for … Continue reading RSA Panel: Protecting Our Youth from the Wolves of Cyberspace


Target: Healthcare Organization

Editor's Note: SANS & NH-ISAC have just released the whitepaper: The What, Where and How of Protecting Healthcare Data by authors James Tarala and Kelli K Tarala. Below is an excerpt, the full paper is available for download at: http://www.sans.org/u/3fO. A healthcare organization is responsible for protecting a patient's most private information; their medical record. … Continue reading Target: Healthcare Organization


Can't Patch Stupidity? Look in the Mirror

A theme I sometimes hear from people in the the security community is you can't patch stupid. That "End Users" are too dumb or ignorant to be secured. Wow, I can't think of a more unfounded, prejudice statement. First, "End Users" are people like you and me, so I suggest we start calling them that. … Continue reading Can't Patch Stupidity? Look in the Mirror


Securing the Software Development Lifecycle

Editor's Note: Today's post is from Eric Johnson. Eric is a Senior Security Consultant at Cypress Data Defense and the Application Security Curriculum Product Manager at SANS. In this post Eric replies to a question about what SDLC is and where people can learn more. In a previous post, Beeker posted the comment, "What is … Continue reading Securing the Software Development Lifecycle