Security Awareness Blog

Grab Your Copy of "You Are A Target" Poster at RSA

Are you at the RSA security conference this week? If so, stop by the SANS booth (#2716) and grab your copy of the "You Are A Target" security awareness poster. I'll be at the booth most of the week, if you are involved in security awareness training I would love to learn about some … Continue reading Grab Your Copy of "You Are A Target" Poster at RSA


The Top Seven Human Risks - Initial Findings

Some of you may be familiar with the Critical Security Controls, a consortium of the security community working to identify the top risks to organizations and the controls that mitigate them. One of the top controls (CC #9) identifies the human element. The challenge is this control simply identifies awareness as important, not which human … Continue reading The Top Seven Human Risks - Initial Findings


Remotely Attend Two Day Course on Building High-Impact Awareness Programs

Looking to build a new security awareness program that makes a difference? Want to pump up the volume on an existing program and go from just compliance focused to changing behaviors and reducing risk? I'll be teaching SANS two day course MGT 433 "Building a High-Impact Security Awareness Program" on 8/9 March in Orlando, Florida. … Continue reading Remotely Attend Two Day Course on Building High-Impact Awareness Programs


Two New Awareness Posters - For Developers and Utilities

We released two new awareness posters for the community. Neither poster will solve world hunger, but they may be a handy reference for your organization. NERC CIP Mapping to Critical Security Controls: This poster identifies all the different NERC CIP Reliability Standards (versions 3, 4 and 5) and maps them against the Critical Security Controls. … Continue reading Two New Awareness Posters - For Developers and Utilities


Awareness Newsletters, Posters, and Blog Posts - Lame?

A common misconception I run into with awareness materials is they cannot change behaviors. For example, posters. We released a new security awareness poster called "You Are A Target", which explains to Ordinary Computers Users why they are a target and identifies all the different ways criminals can make money off of you. This is … Continue reading Awareness Newsletters, Posters, and Blog Posts - Lame?