Security Awareness Blog

Getting Support and Approval for Phishing Assessments

During my human metrics talk at RSA last month, a common question was how to get support for an internal phishing program. Phishing assessments are a powerful metric, not only do they measure a high human risk, but they are repeatable, quantifiable, actionable and low cost. This is why phishing has become one of the … Continue reading Getting Support and Approval for Phishing Assessments


Why the 90 Day Rule for Password Changing?

I consistently find passwords one of the most challenging part of any awareness program as we have to teach people a patchwork of confusing rules. These rules can include always use long, complex passwords, never share your passwords, unique passwords for every account, never write your password down, be cautious of personal questions, and more. … Continue reading Why the 90 Day Rule for Password Changing?


March OUCH is Out - Windows XP

OUCH is a free, monthly security awareness newsletter developed by SANS Securing The Human and community volunteers. Our goal is to provide Ordinary Computer Users (OCUs) simple and actionable information on how to protect themselves online. Every month, led by a Guest Editor Subject Matter Expert, we cover a new topic in 1,000 words or … Continue reading March OUCH is Out - Windows XP


New Security Awareness Training for ICS/SCADA Community

At SANS Securing The Human we are very excited to announce the release of new security awareness training designed just for the ICS/SCADA community. Our Subject Matter Expert Tim Conway goes into more detail on the training below. You can learn more about the training (or take a demo) at our ICS Engineering website, or … Continue reading New Security Awareness Training for ICS/SCADA Community


Top Five Most Popular Security Awareness Topics

At SANS Securing The Human we currently have over 40 topics in our security awareness training library. By breaking up our training into short modules organizations can select and use only the topics that directly apply to them. This enables organizations to create short, yet highly effective training. You can find descriptions and short video … Continue reading Top Five Most Popular Security Awareness Topics