Security Awareness Blog

Security Awareness For Senior Management

As I discussed in my last blog posting, we at SANS our going through our bi-annual update on security awareness training, specifically updating our awareness content. One of the key new modules we are developing is just for senior management. While it would be great for senior management to go through all the in-depth training … Continue reading Security Awareness For Senior Management


The How of Security Awareness Phishing Assessments

Last week we discussed WHY you would want to consider phishing assessments as part of your security awareness program, specifically metrics and reinforcing training. Today we discuss HOW. Below are several different options, starting with the simplest and finishing with the most advanced. Each has its advantages and disadvantages, so try with whatever works best … Continue reading The How of Security Awareness Phishing Assessments


The Why of Security Awareness Phishing Assessments

Phishing assessments can be a powerful tool for your awareness program. In the past we discussed how you can use phishing assessments for metrics, specifically how to measure what impact you are having in changing employee behavior. However I'm finding phishing assessments to be even more powerful as a training tool. The difference … Continue reading The Why of Security Awareness Phishing Assessments


Security Awareness Presenting Tips - Simulcast

Over the past couple weeks I've been sharing my personal lessons learned for successful security awareness presentations. Today I would like to share one of the newest challenges I'm facing, simulcasts. Old school presenting involves standing up in front of a group of real people. Then we have webinars,where we virtually present to people around … Continue reading Security Awareness Presenting Tips - Simulcast


Lessons Learned For Updating Your Security Awareness Content

One of the challenges we face in information security is our world is in a constant change - new technologies are released, business requirements change and bad guys are constantly evolving and adapting. As a result, to keep your security solutions effective you have to keep them updated. Security awareness is no different, I recommend … Continue reading Lessons Learned For Updating Your Security Awareness Content