In my last post we discussed the challenge of communicating security awareness to people. Specifically, if people have to attend a scheduled event you probably will average a 5% show-up rate. For today's generation, you need to communicate in a manner where they can take training when they want, from wherever they want. I mentioned … Continue reading Addressing The 5% Awareness Training Challenge - Online
Recently I posted about the 5% security awareness challenge. Specifically, if you schedule a security awareness training event, such as a webcast or an onsite workshop, you will average a 5% show up rate. In other words, unless the training is absolutely mandatory, you will fail to reach over 90% of your organization. To reach … Continue reading Overcoming the 5% Security Awareness Challenge
I just finished my two day class on building high-impact awareness programs. One of the things we discussed in class is Outgoing cultures versus Conservative cultures. Outgoing organizations tend to have younger employees and be very open minded on how you can communicate, organizations such as technology companies, marketing companies or universities. Conservative organizations tend … Continue reading Cartman Says "Show Your Badge Dirty Hippie"
On Wednesday we had the Geo-Tagging challenge. Your mission was to analyze an image taken of a street vendor and determine where the image was taken, and more specifically what security event. The whole purpose is to demonstrate the type of information (called metadata) people can publicly share without realizing it. Here are the results. … Continue reading The Geo-Tagging Challenge Results
Okay, another debate just popped up about password complexity. I'm starting to get frustrated with all this discussion on exactly what is the perfect, complex password. At some point it does not matter, good enough is good enough. The reason I'm concerned is organizations may loose focus on the big picture on passwords. There … Continue reading Teaching the Wrong Thing About Password Security Awareness