Security Awareness Blog

Overcoming the 5% Security Awareness Challenge

Recently I posted about the 5% security awareness challenge. Specifically, if you schedule a security awareness training event, such as a webcast or an onsite workshop, you will average a 5% show up rate. In other words, unless the training is absolutely mandatory, you will fail to reach over 90% of your organization. To reach … Continue reading Overcoming the 5% Security Awareness Challenge


Cartman Says "Show Your Badge Dirty Hippie"

I just finished my two day class on building high-impact awareness programs. One of the things we discussed in class is Outgoing cultures versus Conservative cultures. Outgoing organizations tend to have younger employees and be very open minded on how you can communicate, organizations such as technology companies, marketing companies or universities. Conservative organizations tend … Continue reading Cartman Says "Show Your Badge Dirty Hippie"


The Geo-Tagging Challenge Results

On Wednesday we had the Geo-Tagging challenge. Your mission was to analyze an image taken of a street vendor and determine where the image was taken, and more specifically what security event. The whole purpose is to demonstrate the type of information (called metadata) people can publicly share without realizing it. Here are the results. … Continue reading The Geo-Tagging Challenge Results


Teaching the Wrong Thing About Password Security Awareness

Okay, another debate just popped up about password complexity. I'm starting to get frustrated with all this discussion on exactly what is the perfect, complex password. At some point it does not matter, good enough is good enough. The reason I'm concerned is organizations may loose focus on the big picture on passwords. There … Continue reading Teaching the Wrong Thing About Password Security Awareness


The Geo-Tagging Challenge - Where & What is Lunch?

One of the things I love about security awareness is that even though I've been at this for years, I never stop learning myself. In preparation for the upcoming April OUCH! newsletter we have been doing alot of research on Metadata, including geo-tagging for images. I always kind of knew that my smartphone was tagging … Continue reading The Geo-Tagging Challenge - Where & What is Lunch?