Security Awareness Blog: Category - Security Awareness Metrics

Don't Get Hooked - Email Image

Last December we released a new security awareness poster - "Don't Get Hooked". This poster explains what phishing and spear phishing are and then shows an example email with numerous phishing indicators pointed out. Anyone is welcome to download, print and distribute as many copies of this poster as they like.In addition, we are … Continue reading Don't Get Hooked - Email Image


Verizon DBIR - Great Action Items for Awareness Programs

I finished reviewing the new Verizon DBIR (Data Breach Investigations Report). I think this is their best yet. If you are unfamiliar with this report, its the most comprehensive analysis of what the bad guys are doing each year. This years analysis is based on data from 95 countries, 1,367 confirmed breaches and 63,437 incidents. … Continue reading Verizon DBIR - Great Action Items for Awareness Programs


Idea for Human Metrics - Tracking Updates

Its always challenging to find a good security awareness metric. By good, I mean not only does the metric need to measure a human behavior that I care about, but the metric is easy and low cost to repeatedly measure. So I'm always excited when I find what I feel is a good security awareness … Continue reading Idea for Human Metrics - Tracking Updates


Getting Support and Approval for Phishing Assessments

During my human metrics talk at RSA last month, a common question was how to get support for an internal phishing program. Phishing assessments are a powerful metric, not only do they measure a high human risk, but they are repeatable, quantifiable, actionable and low cost. This is why phishing has become one of the … Continue reading Getting Support and Approval for Phishing Assessments


Top Five Most Popular Security Awareness Topics

At SANS Securing The Human we currently have over 40 topics in our security awareness training library. By breaking up our training into short modules organizations can select and use only the topics that directly apply to them. This enables organizations to create short, yet highly effective training. You can find descriptions and short video … Continue reading Top Five Most Popular Security Awareness Topics