Security Awareness Blog: Category - Security Awareness Planning

Beyond Phishing: Understand the Principles of Social Engineering

Jane works in the accounting department of a medium-sized manufacturing company and just completed her annual awareness training before heading home. She passed the phishing module with flying colors and felt ready for any email-type attack that may come her way. While retrieving her keys she received a phone call on her mobile phone. …


What IoT (and Security) Needs to Learn From the DeWalt Mitre Saw

I recently purchased my first power tool ever, a DeWalt Compound Mitre Saw, an intimidating piece of machinery that can not only rip through huge pieces of wood, but potentially chop your hand/arm clean off. As such I was very nervous when I received it, to include reading through the safety manual several times …


Why Bruce is Wrong About "Fixing" the User

Recently Bruce Schneier posted a blog titled "Security Design: Stop Trying to Fix the User". As usual, Bruce raises some interesting points that are well thought out. What is unusual in this case is I strongly disagree with him. I've known and respected Bruce for over 15 years now (he was one of …


Less is More: How to Optimize Your Security Awareness Training

It's Thursday and Sue, a 15-year company veteran, sits down to take yet another mandatory training program before the Friday deadline. She's calculated that over the course of her career she has completed hundreds of hours of training. Even though she wants to do the right thing and make the company more secure, her …


The Psychology of Information Security Culture - At The European #SecAwareSummit

Editor's Note: Leron Zinatullin is author of The Psychology of Information Security. He is one of the speakers for the upcoming European Security Awareness Summit in London 11 Nov. Below he discusses his talk on positive ways to get your employees on board with information security. In order to reduce security risks within an enterprise, security professionals have traditionally attempted to guide …