I recently saw a question posted asking how long should security awareness training be. First, I'm excited whenever someone is attempting to better understand their human risk and how to best address it. However, starting with "How long should it be" is the wrong question to ask. Instead, if you want to develop an awareness … Continue reading The Wrong Question - How Long Should Security Awareness Training Be?
As some of you may already know, October is National Cyber Security Awareness month in the United States. Led by the National Cyber Security Alliance, and co-sponsored by MS-ISAC and DHS, the goal is to make the United States public aware of cyber security issues and how to better protect themselves. This October will be … Continue reading Getting Ready for October Awareness Month
Folks, I'll be teaching SANS MGT 433 this September and October. This is SANS two day class on how to build high-impact security awareness programs. This intense class builds on the lessons learned from hundreds of organizations and includes cutting edge techniques for planning, executing and measuring your awareness program. One of the key things … Continue reading Teaching SANS MGT 433 Sep / Oct - Learn How to Build High-Impact Awareness Programs
A common challenge many of us face in establishing a high-impact security awareness program is getting stakeholder support. Without champions in key positions it is very difficult to get budget, resources or organizational buy-in. As such, often the first step in any awareness program is having to first sell awareness in business terms. We already … Continue reading Get Your Security Awareness Budget With This Presentation
[Editor's Note: This blog is from Janet Roberts at Progressive Insurance and is part of a new series where we get insight from other security awareness professionals. Every organization and their security awareness program is different. As such, every organization has a different story to tell and different lessons learned to share. This is one … Continue reading Want Organizational Buy-in? Get People Talking