Security Awareness Blog

Microsoft Confirms Human is #1 Malware Propagation Method

Microsoft released their bi-annual Security Intelligence Report. This is a detailed analysis of the current state of malware and infection propagation methods on the Internet. Sources of data include Microsoft's Malicious Software Removal Tool (MSRT), which runs and analyzes over 600 million computers every month. Their key finding? The human is the number one … Continue reading Microsoft Confirms Human is #1 Malware Propagation Method


Top Three Reasons Security Awareness Programs Are Effective

When trying to communicate the value of security awareness programs to management or other security professional, I find these three points a good starting point. First, keep in mind that ultimately security awareness is nothing more then another control. It reduces risk, it does not eliminate it. Anti-virus does not detect all malware, firewalls do … Continue reading Top Three Reasons Security Awareness Programs Are Effective


Awareness and Education Changing Behavior - HAI Anyone?

One of the best examples of awareness and education changing behaviors may not be found in our community (security) but in healthcare. As I posted yesterday, we have few examples of security awareness changing behaviors because to be honest so few organizations have tried (most security awareness programs focus on compliance). However healthcare is different. … Continue reading Awareness and Education Changing Behavior - HAI Anyone?


Effective Security Awareness Programs - Think Different

I'm a passionate believer that security awareness can work, that you can change human behavior and improve the security of your organization. Some people in the security community disagree, they feel awareness cannot work. If you look at security awareness programs in the past, I would have to agree. These awareness programs failed to change … Continue reading Effective Security Awareness Programs - Think Different


Securing The Human is hiring - PHP Developer

Folks, The SANS Securing The Human team is looking for a technical developer to help grow our organization. We are a fast growing division of about 10 people within the SANS Institute.The position is to help design, build, test and maintain our current online training platform. This is a fast paced environment as we are … Continue reading Securing The Human is hiring - PHP Developer