Editor's Note:This guest blog post is from John Andrew at Honeywell. How do we persuade folks who are resistant to ''Security Awareness' efforts? Great question! I was fortunate to pick up a rare last minute opening - to go on a 3 day backpacking & camping trip at Cumberland Island National Forest on the coast … Continue reading Guest Post - Go Beyond ''Check-the-Box' Compliance
Earlier this week we released the latest edition of the OUCH! security awareness newsletter, "Passwords / Passphrases". We explain in simple terms how you can create strong passwords using passhrases, and some simple steps to using them safely. However with this release come some new changes we are excited about. Updated Look: We changed the … Continue reading A New OUCH!
As many of you know Verizon recently released their 2013 DBIR (Data Breach Investigations Report) which analyzes 621 known, documented breaches collected from 19 organizations. There is a huge wealth of information here, and if you have time read it. You can download it from http://www.verizonenterprise.com/DBIR/2013/ There is alot of humor injected, which makes … Continue reading DBIR Report - A Fascinating Human Perspective
Okay, this one is for the security community. I'm amazed and stunned how often our community arrogantly blames people for security risks, when it is ourselves that are only to blame. Let's pick on everyone's favorite flogging topic when it comes to people, passwords. You know, the topic where we blame users for being 'stupid' … Continue reading Stop Blaming People And Start Blaming Ourselves - Starting With Passwords
SANS MGT 433 is a two day course that enables organizations to build high-impact, engaging awareness programs with a focus on changing behaviors. Based on the lessons learned from hundreds of organizations, we have been teaching this course for over three years now. The biggest hits of the course are the student interaction and … Continue reading SANS MGT433 Course Coming to London