Security Awareness Blog: Category - Security Awareness Metrics

Managing Your Top Human Risks

One of the advantages working at SANS Institute is being surrounded by literally many of the world leaders in information security. At any time I can tap into a global network of experts, from forensics and malware to risk analysis and ICS attacks. One consistent thing I have learned from these people is you never … Continue reading Managing Your Top Human Risks


Developer Awareness Training: How Metrics Help

Guest Editor: Today's post is from Eric Johnson. Eric is a Senior Security Consultant at Cypress Data Defense and the Application Security Curriculum Product Manager at SANS. In this series of posts Eric will take a look at laying a foundation for Developer Security Awareness Training. In the previous post, we laid the foundation for … Continue reading Developer Awareness Training: How Metrics Help


2015 Security Awareness Report

We are very excited to announce the release of the 2015 Security Awareness Report. This report details the findings from the Security Awareness Survey taken in October, 2014 by 220 security awareness officers. This report will help you gain the management support and resources you need to be successful, and enable you to benchmark your … Continue reading 2015 Security Awareness Report


Failing a Phishing Test - Rite of Passage

After several years of running phishing programs and working with other organization's on theirs, I'm starting to notice a trend. Sooner or later everyone falls victim to a phishing assessment. Heck, even I fell victim to a phishing assessment once, and it was my own assessment (happy to share that story, but the price is … Continue reading Failing a Phishing Test - Rite of Passage


Aligning HR With Secure Behaviors

One of the ideas I pulled from John Kotter's book Leading Change was a suggestion on Human Resources. Have your HR team align performance evaluations, compensation, or promotions based on peoples' security behaviors. This does two things. First, it increases motivation because people see an actual, tangible gain by changing their behaviors. But even more … Continue reading Aligning HR With Secure Behaviors