Okay, another debate just popped up about password complexity. I'm starting to get frustrated with all this discussion on exactly what is the perfect, complex password. At some point it does not matter, good enough is good enough. The reason I'm concerned is organizations may loose focus on the big picture on passwords. There … Continue reading Teaching the Wrong Thing About Password Security Awareness
One of the things I love about security awareness is that even though I've been at this for years, I never stop learning myself. In preparation for the upcoming April OUCH! newsletter we have been doing alot of research on Metadata, including geo-tagging for images. I always kind of knew that my smartphone was tagging … Continue reading The Geo-Tagging Challenge - Where & What is Lunch?
I just wanted to share with you some updates from the Securing The Human team. First is OUCH!. As most of you saw we released the March edition last week, the topic was Dos and Don'ts of Email. One of the most common requests for OUCH! has been for us to release OUCH! earlier in … Continue reading Updates to OUCH! and STH
Establishing a security awareness program that ensures your organization is both compliant and reduces risk is difficult. Many organizations do not even know where to start. To help you we have put together a planning package. This package is made up of the following. PACKAGE: First is thePlanning & Deployment Package itself. This package contains … Continue reading Webcast & Deployment Package for High-Impact Awareness Programs
I'm noticing a trend in awareness training, one I wanted to share and see if others are seeing the same thing. In general there are two ways to deliver training, what I call Scheduled or On Demand. Scheduled is what you think of for traditional training. A certain time and/or place is set and people … Continue reading Security Awareness Training - Scheduled or On Demand?