Security Awareness Blog: Category - Security Awareness Planning

Security Awareness - Visualizing ROI

The two most common goals I see in awareness programs are compliance and impact. The goal of compliance is to meet the requirements of certain regulations, such as HIPAA or PCI DSS. Impact means to reduce risk in your organization by changing employee behavior. To be honest I am far more interested in the second … Continue reading Security Awareness - Visualizing ROI


Security Awareness Top Ten Topics - #7 Encryption

This post is the seventh in a series of what I consider the top ten topics for any security awareness program. Selecting the right topics with the greatest value for your organization is key to a successful program. This series is not designed to tell you what your awareness program must have; instead, these posts are designed to … Continue reading Security Awareness Top Ten Topics - #7 Encryption


How I Got Phished On Twitter

Security awareness is tough; once trained, a user must be ever vigilant. This is true even for me, and I do this for a living. First of all, the bad guys are persistent; they never give up. Sooner or later the end user may make a mistake. Second, attackers are always adapting and changing their … Continue reading How I Got Phished On Twitter


Security Awareness Topic #6 - Passwords

This post is the sixth in a series of what I consider the top ten topics for any security awareness program. Selecting the right topics with the greatest value for your organization is key to a successful program. This series is not designed to tell you what your awareness program must have; instead, these posts are designed to … Continue reading Security Awareness Topic #6 - Passwords


Securing The Human - DC Style

For those of you attending SANS Incident Detection and SANS CDI, you can find the latest version of my Securing The Human presentation here. There are several new updates in this presentation, including a video demo on Social Engineering and how Twitter hacked me. For those who were interested in showing the video demo to others, you can … Continue reading Securing The Human - DC Style