Security Awareness Blog: Category - Security Awareness Planning

Top Security Awareness Presenting Tips - Mistakes Made and Lessons Learned

If you are involved in security awareness sooner or later you will have to present. It can be anything from teaching fellow employees about security awareness, to briefing management on the impact of your awareness program. The problem is many of us in security are not good communicators. There is nothing more dissapointing than attending … Continue reading Top Security Awareness Presenting Tips - Mistakes Made and Lessons Learned


Getting Security Awareness Involved with Incident Tracking

One of the advantages of working with SANS is I have an incredible wealth of experience and knowledge to tap into, SANS Instructors. These are some of the most trained and experienced security professionals in the world. As such I'm often picking the minds of these poor souls, seeing which ideas I can suck out … Continue reading Getting Security Awareness Involved with Incident Tracking


Pedestrian Awareness in Chicago = Hacked Laptop in Crime Scene Tape

One of the things I like to do is keep my eyes open and learn from other awareness campaigns. In security we can often forget that we are not the only ones facing the challenge of educating others. From theCDC and their zombie apocalypseto the pink ribbons of National Breast Cancer month, there is a … Continue reading Pedestrian Awareness in Chicago = Hacked Laptop in Crime Scene Tape


Two day class on building a high impact security awareness program - MGT 433

I'll be teaching MGT 433 this December 15-16 in Washington, DC as part of SANS CDI. If you or your organization is considering a security awareness program, or looking to improve an existing one, this intense two day course is for you. We are also teaching this as a simulcast, meaningyou can virtually attend the … Continue reading Two day class on building a high impact security awareness program - MGT 433


Determining Your ROI for Your Security Awareness Program

One of the challenges we often discuss about security awareness programs is determining ROI, how do organizations determine how much money they are saving with their program or how much risk they are reducing. While presenting recently at the ISSA CISO Forum, we had a very interesting discussion at the end that got me thinking … Continue reading Determining Your ROI for Your Security Awareness Program