Cisco just released their Annual Security Report for 2010. I found this to be one of the best written annual security reports I have read in a while. The format is very easy to read and instead of providing useless statistics, the report provides analysis and intelligence. You get a real feel for what the … Continue reading Social Engineering - Seven Deadly Weaknesses
One of the biggest challenges I feel organizations face in their awareness program is lack of structure. Even if they have taken time to identify the security awareness topics with greatest impact, they often communicate that content in a haphazard manner. To be effective you need a communications plan. To help you structure your communications … Continue reading Communicating Your Awareness Program - Primary & Reinforcement
I'm very excited to announce the new and improved OUCH! Security Awareness newsletter. As some of you may know, for over six years now SANS has been publishing the OUCH! newsletter as a free security awareness resource. OUCH! is published every month and covers a new security awareness topic designed to educate ordinary computer users. … Continue reading The *New* Security Awareness Newsletter - OUCH!
For those of you who are involved in your organization's security awareness program (or looking to start one) join me at SANS Orlando for our new Securing The Human course. This two day course will take you through step by step how to plan, implement and maintain an effective awareness program. You can't beat sunny … Continue reading Teaching Security Awareness Course at SANS Orlando
I just completed a series on the top ten topics in any security awareness program. One of the key points in planning your security awareness program is first identify the topics that have the greatest value to your organization. By prioritizing and teaching only those topics you can save time and money while having … Continue reading Security Awareness - How To Communicate