Reinventing Security Awareness Training

Data Breach Today

Want to improve how your organization delivers and absorbs security awareness training? Then it comes down to reinventing your approach, including gamification, says Barracuda's Michael Flouton

NSA Security Awareness Posters

Schneier on Security

From a FOIA request, over a hundred old NSA security awareness posters. These sorts of security awareness posters were everywhere, but there was one I especially liked -- and I asked for a copy. Here are the BBC's favorites. Here are Motherboard's favorites.

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Employees Would Simply Rather Not with Boring Security Awareness Training, New Research Finds

MediaPro

The post Employees Would Simply Rather Not with Boring Security Awareness Training, New Research Finds appeared first on MediaPRO.

SANS Launches Security Awareness Certification

Dark Reading

The SANS Security Awareness Professional (SSAP) will be available this summer to professionals focused on measuring and mitigating human risk

Designing Employee Security Awareness Training That Works

eSecurity Planet

The secret to effective employee security awareness training boils down to three things: Train early, often, and explain why

Smart Building Security Awareness Grows

Dark Reading

In 2020, expect to hear more about smart building security

Live Webinar: Expert Insights into the 2020 State of Privacy and Security Awareness Report

MediaPro

The post Live Webinar: Expert Insights into the 2020 State of Privacy and Security Awareness Report appeared first on MediaPRO. Blog Foundational Privacy Awareness Program Management Security Awareness Thought Leadership 2020 state of privacy and security awareness privacy training security awareness webinars

Researchers Create New Framework to Evaluate User Security Awareness

Dark Reading

Approaches based on questionnaires and self-evaluation are not always a good indicator of how well a user can mitigate social engineering threats

Educating Educators: Microsoft's Tips for Security Awareness Training

Dark Reading

Microsoft's director of security education and awareness shares his approach to helping train employees in defensive practices

'Culture Eats Policy for Breakfast': Rethinking Security Awareness Training

Dark Reading

What's definitely not working with end-user cybersecurity awareness training - and what you can do about it

Live Webinar: What Do Shirtless Men Have To Do with Security Awareness?

MediaPro

The post Live Webinar: What Do Shirtless Men Have To Do with Security Awareness? Blog Foundational Security Awareness Thought Leadership awareness programs cybersecurity privacy awareness security awareness webinarappeared first on MediaPRO.

Defining Security Awareness: Understanding Comes Before Improvement

InfoGoTo

Distraction is the opposite of awareness. According to popular belief and standard practices, this so-called “awareness” represents a large part of what’s needed in order to prevent security incidents, or at least minimize their impact, right? Awareness Is More Than Do’s and Don’ts. In the context of information risk management, security awareness has little to do with user relationships.

7 Tips for an Effective Employee Security Awareness Program

Dark Reading

Breaches and compliance requirements have heightened the need for continuous and effective employee training, security experts say

The Fundamental Flaw in Security Awareness Programs

Dark Reading

It's a ridiculous business decision to rely on the discretion of a minimally trained user to thwart a highly skilled sociopath, financially motivated criminal, or nation-state

8 Tips for Building a Security-Aware Culture

MediaPro

My colleagues at MediaPRO and I have historically had loads to say about the importance of security awareness, and there’s always more to say on that subject. More and more I’m hearing talk of “culture change” and of “creating security cultures”—conversations that go well beyond mere awareness. Building a culture of security at an organization, the thinking goes, is the best way to change risky behavior. Emphasize the Value in the Awareness Spend.

6 Reasons Security Awareness Programs Go Wrong

Dark Reading

While plenty of progress has been made on the training front, there's still some work ahead in getting the word out and doing so effectively

Raising Security Awareness: Why Tools Can't Replace People

Dark Reading

Training your people and building relationships outside of the security organization is the most significant investment a CISO can make

Webinar: Learn the Ins and Outs of a Security-Aware Culture from a Forrester Expert

MediaPro

Developing and maintaining a security-aware culture in an organization has become vital in the defense against modern cyberthreats. PST for the live webinar Harden the Human Firewall by Building Awareness, Behavior, and Culture , co-lead by Forrester analyst Jinan Budge and MediaPRO Chief Learning Officer Tom Pendergast. Learn how to instill a culture of security through an engaging, meaningful, and even entertaining security awareness program.

Employees’ lack of security awareness is “inexplicable and inexcusable”

IT Governance

Organisations’ second biggest concern is their employees’ lack of security awareness, according to CyberEdge’s 2018 Cyberthreat Defense Report. This is the first time in five years that poor security awareness hasn’t topped the list – with ‘lack of skilled personnel’ nabbing the top spot. It adds: “Suffering from a shortage of high-quality security talent is completely understandable. How is poor awareness affecting organisations?

On-Demand Webinar: Learn the Ins and Outs of a Security-Aware Culture from a Forrester Expert

MediaPro

Developing and maintaining a security-aware culture in an organization has become vital in the defense against modern cyberthreats. Watch our on-webinar Harden the Human Firewall by Building Awareness, Behavior, and Culture , with MediaPRO Chief Learning Officer Tom Pendergast guest speaker Forrester analyst Jinan Budge to learn how to instill a culture of security through an engaging, meaningful, and even entertaining security awareness program.

4 Ways Security Awareness Managers Can Use the 2019 DBIR

MediaPro

Here’s another, this one offering four pieces of advice for security awareness training managers based on the findings of the DBIR. This means security awareness managers cannot exempt executives from training. If anti-phishing training , ideally paired with a phishing simulator , is not part of your awareness initiative, it should be. The lesson for security awareness managers?

55% of Companies Don't Offer Mandatory Security Awareness Training

Dark Reading

Even those that provide employee training do so sparingly, a new study finds

Is your staff’s cyber security awareness up to scratch?

IT Governance

The failure of staff to follow workplace security regulations, as well as criminal hackers finding more ways to exploit members of staff, is becoming an increasing problem. Much of this is because companies fail to follow basic security measures when it comes to employee provisioning and deprovisioning. Staff can easily undermine your organisation’s cyber security. They need to understand and comply with your cyber security rules and regulations.

Bridging the Gap Between Security Awareness and Action

AIIM

Information security is at the list of concerns (80% are “concerned” or “extremely concerned”). 43% of organizations see the information security and governance problem as “impossible” or “very difficult” to automate, creating competitive advantage for those organizations that can solve this riddle. My new eBook, Bridging the Gap Between Security Awareness and Action , explores these five key issues: How to shift the “governance” conversation to higher ground.

Protected: Hak5 tool workshops — Achieving Security Awareness Through Social Engineering Attacks BlackHat USA 2019

Architect Security

Hak5 Social Engineering blackhat nano pineapple Security AwarenessThere is no excerpt because this is a protected post.

How to Gauge the Effectiveness of Security Awareness Programs

Dark Reading

If you spend $10,000 on an awareness program and expect it to completely stop tens of millions of dollars in losses, you are a fool. If $10,000 prevents $100,000 in loss, that's a 10-fold ROI

Proving the Value of Security Awareness with Metrics that 'Deserve More'

Dark Reading

Without metrics that matter to the business, awareness programs will continue to be the bastard child of security

Upcoming webinar: Creating an effective cyber security awareness programme

IT Governance

As hard as it is to believe, an organisation’s biggest security risk is often its own. 75% of large organisations suffered staff-related security breaches in , with 50% of the worst breaches caused by human error, according to a report published by Axelos. Yet when organisations initiate a compliance programme or implement an information security management system (ISMS), the importance of understanding the audience and their unique needs is often overlooked.

Optimizing the Security Awareness of Your End-Users

Dark Reading

End-users can be the weakest link in your infosec defense. But according to KnowBe4 founder and CEO Stu Sjouwerman, there is something you can do about that - if you implement the right behavioral diagnostics and focus your training needs on individual users' actual weaknesses

Live Webinar: The Benefits of Building Security Training Employees Want to Take

MediaPro

The post Live Webinar: The Benefits of Building Security Training Employees Want to Take appeared first on MediaPRO.

7 views: Why National Cyber Security Awareness Month is more important than ever

Information Management Resources

Growing cyber threats remind organizations of the need to be proactive, know their data and security vulnerabilities, encourage awareness practices and seek outside help when necessary. Data security Cyber security Cyber attacks Malware Fraud prevention Encryption Personally identifiable information

Security Training and Awareness: The Missing Piece of Your Insider Threat Program

MediaPro

The post Security Training and Awareness: The Missing Piece of Your Insider Threat Program appeared first on MediaPRO. Blog Foundational Security Awareness Thought Leadership incident reporting insider threats security awareness security training

Why cyber survey shows it’s time to improve security awareness

Information Management Resources

Unfortunately, lack of awareness of important security practices is a primary issue plaguing security efforts in healthcare. Cyber security

The Importance of Security Awareness Training and the Impact of Attack Demonstrations

Architect Security

In “The Importance of Security Awareness Training“, SANS says: “One of the best ways to make sure company employees will not make costly errors in regard to information security is to institute company-wide security-awareness training initiatives that include, but are not limited to classroom style training sessions, security awareness website(s), helpful hints via e-mail, or […].

Report: Almost Two-Thirds of U.S. Employees Unaware if the CCPA Applies to Their Company

MediaPro

Blog Executive Foundational MediaPRO News Privacy Awareness Program Management Security Awareness Thought Leadership White Papers 2020 state of privacy and security awareness MediaPro News original research privacy awareness security awareness

Video: Don’t be a Security Zombie!

MediaPro

We often ask information security and privacy professionals what keeps them up at night. Nine out of 10 say it’s fear of Security Zombies. Okay, they don’t call them “security zombies,” but they do worry about people who put themselves or their organizations at risk by forgetting to apply some basic common sense to protecting information. The post Video: Don’t be a Security Zombie!

It’s Time to Combine Security Awareness and Privacy Awareness

MediaPro

He’s got info security folks requiring him to take annual training, posting educational videos, and sending simulated phishing email all the time. But when it gets right down to it, Bob doesn’t understand quite where security ends and privacy begins. When he asks, the privacy and security folks are perfectly happy to go on at length about how different their two domains are—but it often sounds like an old Miller Lite beer ad: “Tastes great!”

Bridging the Gap Between Security Awareness and Action – A FREE Infographic from AIIM

IG Guru

The post Bridging the Gap Between Security Awareness and Action – A FREE Infographic from AIIM appeared first on IG GURU. IG News Information Governance information security Security AIIM Infographic Security Awareness[link].

Why Every Employee is a Vital Part of Security Incident Response

MediaPro

The post Why Every Employee is a Vital Part of Security Incident Response appeared first on MediaPRO. Blog Foundational Security Awareness Thought Leadership employee awareness incident reporting incident response security awareness

What Should I Do If Someone Is Impersonating My Company in a Phishing Campaign?

Dark Reading

Two security awareness advocates from KnowBe4 provide some solid suggestions