Security Awareness Blog

A Foundation for Developer Security Awareness Training: Part 1

Guest Editor: Today's post is from Eric Johnson. Eric is a Senior Security Consultant at Cypress Data Defense and the Application Security Curriculum Product Manager at SANS. In this series of posts Eric will take a look at laying a foundation for Developer Security Awareness Training. Laying a foundation for developer security training is not … Continue reading A Foundation for Developer Security Awareness Training: Part 1


Book Review - Mindset

One thing I'm quickly realizing about the security awareness community, including myself, is just how much we are lacking in soft skills. While most of us understand human risk and the behaviors we need to change, where we fail is HOW to change those behaviors, especially on a large scale. We as a community need … Continue reading Book Review - Mindset


Engineering Cyber Safety

Editor's Note: This is a guest Blog Post from Tim Conway,Technical Director for the ICS and SCADA programs at SANS. Below Tim shares his thoughts on Engineering Cyber Safety. For many organizations that run security awareness programs, the question eventually comes up "how do I make our program more relevant and interesting to our audience". … Continue reading Engineering Cyber Safety


Two New Security Awareness Posters

For those of you who have a SANS portal account and subscribe to SANS maillings, you should have received your new Security Awareness posters in the mail this week. For this year we created two new posters, one for the Healthcare community and another for the Ordinary Computer User (OCU) on how to create a … Continue reading Two New Security Awareness Posters


Creating a Security Champions Network

Editor's Note: This is a guest Blog Post from John Haren, Information Security Governance Specialist at Diageo with special responsibility for the Information Management & Security Awareness program globally. Below John describes how he has put together a Champtions Network (or often called Ambassador Program) for his organization. We are seeing this approach to awareness … Continue reading Creating a Security Champions Network