Security Awareness Blog

Security Awareness Sticker Contest

Stickers can be a fun, creative and cost effective way to reinforce key security awareness learning objectives. As I have mentioned in the past, one of my favorite is Facebook's Darth Vader sticker. To help promote the idea of security awareness stickers we are kicking off the "Security Awareness Sticker Challenge". We are challenging you, … Continue reading Security Awareness Sticker Contest


Security Awareness Maturity Model - Long Term Sustainment

In this series of posts we have been discussing the different maturity levels of security awareness training. We started discussingthe first two levels, having no awareness program and having a compliance focused awareness program, designed to meet only the minimal requirements. Then we covered promoting awareness and change. Today we will cover the next level … Continue reading Security Awareness Maturity Model - Long Term Sustainment


Security Awareness Maturity Model - Promoting Change

In this series of posts we have been discussing the different maturity levels of security awareness programs. We started discussing the first two levels, having no awareness program and having a compliance focused awareness program, designed to meet only the minimal requirements. We are going to pump up the volume now and take things to … Continue reading Security Awareness Maturity Model - Promoting Change


Security Awareness Maturity Model - Levels 1 & 2

In my previous post I introduced the Security Awareness Maturity Model, a tool to help you and your organization identify how mature your security awareness program is and where you can take it. I would like to cover this model in more detail, specifically the first two of the five levels. Level 1: No Security … Continue reading Security Awareness Maturity Model - Levels 1 & 2


Security Awareness Maturity Model

One of the biggest challenges I feel we face in security awareness is its lack of maturity. Many fields within information security have developed and matured over the years with entire frameworks built around them, fields such as penetration testing, system hardening, secure software development and digital forensics. However we have no framework or maturity … Continue reading Security Awareness Maturity Model