Security Awareness Blog

Starting Your Awareness Program

When it comes to security awareness, a common challenge I find is organizations have focused so much on getting management support, budget and materials that when they are ready to start they have not yet thought of how to begin. One of the best places to start is building your team, a steering committee if … Continue reading Starting Your Awareness Program

Phishing Your Own Organization

One of the things we have discussed in the past, especially on security awareness metrics, is assessing your own organization with the same attacks bad guys use, such as Phishing attacks. There are commercial solutions that allow you to do internal Phishing assessments, including Core IMPACT, Wombat and Phishme. However to date there has not … Continue reading Phishing Your Own Organization

Speaking / Teaching Security Awareness

Folks, I just wanted to share some learning opportunities about human issues and building effective awareness programs. Please join me as we learn together about securing the Human OS. Securing The Human Webcast: I'll be presenting a short, one hour webcast next Wednesday, 29 June on Securing The Human. Learn what makes the Human OS … Continue reading Speaking / Teaching Security Awareness

Standards Requiring Security Awareness Training - Final

Folks, I'm excited to announce the first official release of "Security Awareness Compliance Requirements". This document lists all known standards and regulations that require security awareness training. Specifically you will find the name of each regulation, the section within the regulation that requires awareness training and links to more information. This is intended to … Continue reading Standards Requiring Security Awareness Training - Final

Standards Requiring Security Awareness Training

Folks, as you may have noticed we have been adding a tremendous number of new resources to our Security Awareness Resources section on the Securing The Human Website. A new page we will be adding soon is on "Business Justification", providing you the resources you need to get management support AND funding for your … Continue reading Standards Requiring Security Awareness Training