Security Awareness Blog

Do Phishing Assessments Desensitize Employees?

A question I am commonly asked about Phishing Asssesments is do they desensitize employees? Do employees beging to treat phishing (both real attacks and simulated attacks) as a frivolous game, ultimately exposing the organization to more risk, not less? Based on my experience I would have to say a resounding no. To be honest, if … Continue reading Do Phishing Assessments Desensitize Employees?

Phishing in Spam Folders

Over the past years I've noticed a growing trend with enterprise email filtering solutions, they have become very good at filtering out spam and phishing attacks. In fact, I would dare say they are becoming too good, it is now standard behavior for employees to go into their junk email boxes or spam quarantines several … Continue reading Phishing in Spam Folders

New Release of STH.EndUser Training - Ver 2013.1

Our goal at Securing The Human is ensuring you have the most effective training possible. To achieve that, we do a complete review and update of all our End User security awareness training twice a year. Cyber threats and technologies are constantly changing, to stay current so to should your awareness program. Next week we … Continue reading New Release of STH.EndUser Training - Ver 2013.1

June OUCH is Out

The June edition of the OUCH! security awareness newsletter is out. This month we focus on URL Shorteners and QR Codes. While these technologies are not what I would consider a high priority risk (compared to some of the other human risks we see) what makes these technologies unique is many people do not know … Continue reading June OUCH is Out

Guest Post - Go Beyond "Check-the-Box" Compliance

Editor's Note:This guest blog post is from John Andrew at Honeywell. How do we persuade folks who are resistant to 'Security Awareness' efforts? Great question! I was fortunate to pick up a rare last minute opening - to go on a 3 day backpacking & camping trip at Cumberland Island National Forest on the coast … Continue reading Guest Post - Go Beyond "Check-the-Box" Compliance