Security Awareness Blog: Category - Security Awareness Planning

Creating a Security Champions' Network - #SecAwareSummit

Editor's Notes: John Haren is the head of security awareness for Diageo and one of the speakers for the upcoming EU Security Awareness Summit in London on 10 July. Below he discusses what his talk will be on and what you will learn from it. Hi folks - I'm John Haren and I will be … Continue reading Creating a Security Champions' Network - #SecAwareSummit


Motivating Staff to Join the Awareness Cause: What the Ambassador Pilot Taught Us

Editors Note: Today's guest post is from Angela Pappas. Angela helps lead the awareness program at Thomson Reuters, a global organization with over 58,000 people. In this series of blogs Angela shares with us how she established their Security Ambassador Program. About a month ago I wrote a blog about the Information Security Ambassador program … Continue reading Motivating Staff to Join the Awareness Cause: What the Ambassador Pilot Taught Us


RSA Panel: Protecting Our Youth from the Wolves of Cyberspace

Last week I had the amazing opportunity to be part of the RSA Keynote panel on protecting kids online. The goal of the panel was to raise awareness of the risks kids face online today, but also just as importantly what we can do about it. I've been actively presenting around the world for … Continue reading RSA Panel: Protecting Our Youth from the Wolves of Cyberspace


Target: Healthcare Organization

Editor's Note: SANS & NH-ISAC have just released the whitepaper: The What, Where and How of Protecting Healthcare Data by authors James Tarala and Kelli K Tarala. Below is an excerpt, the full paper is available for download at: http://www.sans.org/u/3fO. A healthcare organization is responsible for protecting a patient's most private information; their medical record. … Continue reading Target: Healthcare Organization


Can't Patch Stupidity? Look in the Mirror

A theme I sometimes hear from people in the the security community is you can't patch stupid. That "End Users" are too dumb or ignorant to be secured. Wow, I can't think of a more unfounded, prejudice statement. First, "End Users" are people like you and me, so I suggest we start calling them that. … Continue reading Can't Patch Stupidity? Look in the Mirror