Security Awareness Blog

Updated and New Security Awareness Resources

One of our goals at Securing The Human is to help ensure the success of your awareness program, from initial rollout to long term deployment. As such we maintain a variety of free resources for you, including awareness surveys, project plans and execution matrixes. I just did a big update and wanted to share with … Continue reading Updated and New Security Awareness Resources


July Edition of the OUCH! Security Awareness Newsletter - Encryption

We just posted the July edition of the OUCH! Security Awareness newsletter. Led by Guest Editor Fred Kerby, we explain what encryption is, how it works and how it can help people. There are many miss conceptions on what encryption can and cannot do, we hope to clarify that. As always we understand awareness … Continue reading July Edition of the OUCH! Security Awareness Newsletter - Encryption


Executing Your Security Awareness Program: Step 2

In our first post about Executing Your Security Awareness Program we discussed putting together your Steering Committee, a team of 5-7 people to help you develop and improve your awareness program. The second step is identifying who the target is of your awareness program. WHO then determines what content you will teach and how you … Continue reading Executing Your Security Awareness Program: Step 2


Starting Your Awareness Program

When it comes to security awareness, a common challenge I find is organizations have focused so much on getting management support, budget and materials that when they are ready to start they have not yet thought of how to begin. One of the best places to start is building your team, a steering committee if … Continue reading Starting Your Awareness Program


Phishing Your Own Organization

One of the things we have discussed in the past, especially on security awareness metrics, is assessing your own organization with the same attacks bad guys use, such as Phishing attacks. There are commercial solutions that allow you to do internal Phishing assessments, including Core IMPACT, Wombat and Phishme. However to date there has not … Continue reading Phishing Your Own Organization