Security Awareness Blog: Category - Security Awareness Planning

Engineering Cyber Safety

Editor's Note: This is a guest Blog Post from Tim Conway,Technical Director for the ICS and SCADA programs at SANS. Below Tim shares his thoughts on Engineering Cyber Safety. For many organizations that run security awareness programs, the question eventually comes up "how do I make our program more relevant and interesting to our audience". … Continue reading Engineering Cyber Safety


Creating a Security Champions Network

Editor's Note: This is a guest Blog Post from John Haren, Information Security Governance Specialist at Diageo with special responsibility for the Information Management & Security Awareness program globally. Below John describes how he has put together a Champtions Network (or often called Ambassador Program) for his organization. We are seeing this approach to awareness … Continue reading Creating a Security Champions Network


Guest Blog Post - It's All About The Team

Editor's Note: This is a guest Blog Post from Cheryl Conley, head of Lockheed Martin's Security Education and Awareness team. Lockheed is one of the most targeted (and phished) organizations in the world. Below are her thoughts on Phishing as we kick off 2015. Happy New Year! I trust everyone had a good holiday, with … Continue reading Guest Blog Post - It's All About The Team


Looking Forward to Securing The Human in 2015

2014 has been an amazing year for the security awareness community. I feel organizations are truly making the fundamental shift from just compliance to changing human behavior. From working with hundreds of organizations, teaching multiple classes of SANS MGT433 and the first ever security awareness summit, I'm seeing both interest and investment in security awareness … Continue reading Looking Forward to Securing The Human in 2015


Aligning HR With Secure Behaviors

One of the ideas I pulled from John Kotter's book Leading Change was a suggestion on Human Resources. Have your HR team align performance evaluations, compensation, or promotions based on peoples' security behaviors. This does two things. First, it increases motivation because people see an actual, tangible gain by changing their behaviors. But even more … Continue reading Aligning HR With Secure Behaviors