Last week I started a new series in security awareness training on how to communicate your awareness program. Even once you identify the most effective security awareness topics for your organization, you will not have an impact unless you effectively communicate those topics. Last week I broke down security awareness communication into two categories, primary … Continue reading Security Awareness Training - Primary Communication
Last week I presented a three hour awareness workshop for a large university. When you live and breath security on a daily basis, what you take for granted as common knowledge you quickly remember is not so common. For me, it really hits home when you see the light bulbs click and people begin to … Continue reading Awareness Training About Privacy on Social Networking Sites
Cisco just released their Annual Security Report for 2010. I found this to be one of the best written annual security reports I have read in a while. The format is very easy to read and instead of providing useless statistics, the report provides analysis and intelligence. You get a real feel for what the … Continue reading Social Engineering - Seven Deadly Weaknesses
One of the biggest challenges I feel organizations face in their awareness program is lack of structure. Even if they have taken time to identify the security awareness topics with greatest impact, they often communicate that content in a haphazard manner. To be effective you need a communications plan. To help you structure your communications … Continue reading Communicating Your Awareness Program - Primary & Reinforcement
I'm very excited to announce the new and improved OUCH! Security Awareness newsletter. As some of you may know, for over six years now SANS has been publishing the OUCH! newsletter as a free security awareness resource. OUCH! is published every month and covers a new security awareness topic designed to educate ordinary computer users. … Continue reading The *New* Security Awareness Newsletter - OUCH!