Security Awareness Blog

Security Awareness Maturity Model

One of the biggest challenges I feel we face in security awareness is its lack of maturity. Many fields within information security have developed and matured over the years with entire frameworks built around them, fields such as penetration testing, system hardening, secure software development and digital forensics. However we have no framework or maturity … Continue reading Security Awareness Maturity Model


Learn How To Build High-Impact Awareness Programs Online This July

Folks, I'm very excited to announce our first vLive MGT 433 course the weeks of July 23rd and 30th. vLive is when SANS Instructors teach a real class, but online so you can take it from the comfort of home or at work. Since the training is live, you interact real time with both the … Continue reading Learn How To Build High-Impact Awareness Programs Online This July


Gaining Long Term Support

For your security awareness program to have a true impact, it must be a long term investment. You cannot change behaviors, nor create a security culture, with just a one or two year program. As such you need management's support for the long term. One way that can help you gain that long term support … Continue reading Gaining Long Term Support


OUCH! and SMEs

Two exciting announcements I wanted to share. 1. First, the May edition of OUCH! is out. This month we focus on how to safely dispose your old or unused mobile devices. You would be stunned at how much private data your smartphone or tablet has, often far more then your laptop. Yet people think of … Continue reading OUCH! and SMEs


Engaging People Part II - Your Steering Committee

In our last post we discussed some of the most common challenges organizations face in reaching people in their awareness program, and effective way to overcome them. This blog continues that theme with a second method, utilizing your Steering Committee. A Steering Committee (or Advisory Board) is a team of 5-10 volunteers from different departments … Continue reading Engaging People Part II - Your Steering Committee