Reinventing Security Awareness Training

Data Breach Today

Want to improve how your organization delivers and absorbs security awareness training? Then it comes down to reinventing your approach, including gamification, says Barracuda's Michael Flouton

NSA Security Awareness Posters

Schneier on Security

From a FOIA request, over a hundred old NSA security awareness posters. These sorts of security awareness posters were everywhere, but there was one I especially liked -- and I asked for a copy. Here are the BBC's favorites. Here are Motherboard's favorites.

SANS Launches Security Awareness Certification

Dark Reading

The SANS Security Awareness Professional (SSAP) will be available this summer to professionals focused on measuring and mitigating human risk

Smart Building Security Awareness Grows

Dark Reading

In 2020, expect to hear more about smart building security

'Culture Eats Policy for Breakfast': Rethinking Security Awareness Training

Dark Reading

What's definitely not working with end-user cybersecurity awareness training - and what you can do about it

Designing Employee Security Awareness Training That Works

eSecurity Planet

The secret to effective employee security awareness training boils down to three things: Train early, often, and explain why

Defining Security Awareness: Understanding Comes Before Improvement


Distraction is the opposite of awareness. According to popular belief and standard practices, this so-called “awareness” represents a large part of what’s needed in order to prevent security incidents, or at least minimize their impact, right?

Employees’ lack of security awareness is “inexplicable and inexcusable”

IT Governance

Organisations’ second biggest concern is their employees’ lack of security awareness, according to CyberEdge’s 2018 Cyberthreat Defense Report. It adds: “Suffering from a shortage of high-quality security talent is completely understandable.

8 Tips for Building a Security-Aware Culture


My colleagues at MediaPRO and I have historically had loads to say about the importance of security awareness, and there’s always more to say on that subject. Building a culture of security at an organization, the thinking goes, is the best way to change risky behavior.

Webinar: Learn the Ins and Outs of a Security-Aware Culture from a Forrester Expert


Developing and maintaining a security-aware culture in an organization has become vital in the defense against modern cyberthreats. Learn how to instill a culture of security through an engaging, meaningful, and even entertaining security awareness program.

7 Tips for an Effective Employee Security Awareness Program

Dark Reading

Breaches and compliance requirements have heightened the need for continuous and effective employee training, security experts say

6 Reasons Security Awareness Programs Go Wrong

Dark Reading

While plenty of progress has been made on the training front, there's still some work ahead in getting the word out and doing so effectively

On-Demand Webinar: Learn the Ins and Outs of a Security-Aware Culture from a Forrester Expert


Developing and maintaining a security-aware culture in an organization has become vital in the defense against modern cyberthreats. Our two experts discuss: Addressing cultural challenges to investment in security awareness.

Raising Security Awareness: Why Tools Can't Replace People

Dark Reading

Training your people and building relationships outside of the security organization is the most significant investment a CISO can make

The Fundamental Flaw in Security Awareness Programs

Dark Reading

It's a ridiculous business decision to rely on the discretion of a minimally trained user to thwart a highly skilled sociopath, financially motivated criminal, or nation-state

4 Ways Security Awareness Managers Can Use the 2019 DBIR


Here’s another, this one offering four pieces of advice for security awareness training managers based on the findings of the DBIR. This means security awareness managers cannot exempt executives from training. The lesson for security awareness managers?

55% of Companies Don't Offer Mandatory Security Awareness Training

Dark Reading

Even those that provide employee training do so sparingly, a new study finds

It’s Time to Combine Security Awareness and Privacy Awareness


He’s got info security folks requiring him to take annual training, posting educational videos, and sending simulated phishing email all the time. But when it gets right down to it, Bob doesn’t understand quite where security ends and privacy begins.

Is your staff’s cyber security awareness up to scratch?

IT Governance

The failure of staff to follow workplace security regulations, as well as criminal hackers finding more ways to exploit members of staff, is becoming an increasing problem. Staff can easily undermine your organisation’s cyber security.

Bridging the Gap Between Security Awareness and Action


Information security is at the list of concerns (80% are “concerned” or “extremely concerned”). My new eBook, Bridging the Gap Between Security Awareness and Action, explores these five key issues: How to shift the “governance” conversation to higher ground.

Upcoming webinar: Creating an effective cyber security awareness programme

IT Governance

As hard as it is to believe, an organisation’s biggest security risk is often its own. 75% of large organisations suffered staff-related security breaches in , with 50% of the worst breaches caused by human error, according to a report published by Axelos.

Proving the Value of Security Awareness with Metrics that 'Deserve More'

Dark Reading

Without metrics that matter to the business, awareness programs will continue to be the bastard child of security

How to Gauge the Effectiveness of Security Awareness Programs

Dark Reading

If you spend $10,000 on an awareness program and expect it to completely stop tens of millions of dollars in losses, you are a fool. If $10,000 prevents $100,000 in loss, that's a 10-fold ROI

Protected: Hak5 tool workshops — Achieving Security Awareness Through Social Engineering Attacks BlackHat USA 2019

Architect Security

There is no excerpt because this is a protected post.

Optimizing the Security Awareness of Your End-Users

Dark Reading

End-users can be the weakest link in your infosec defense. But according to KnowBe4 founder and CEO Stu Sjouwerman, there is something you can do about that - if you implement the right behavioral diagnostics and focus your training needs on individual users' actual weaknesses

Why cyber survey shows it’s time to improve security awareness

Information Management Resources

Unfortunately, lack of awareness of important security practices is a primary issue plaguing security efforts in healthcare.

Report: Almost Two-Thirds of U.S. Employees Unaware if the CCPA Applies to Their Company



The Importance of Security Awareness Training and the Impact of Attack Demonstrations

Architect Security

In “The Importance of Security Awareness Training”, SANS says: “One of the best ways to make sure company employees will not make costly errors in regard to information security is to institute company-wide security-awareness training initiatives that include, but are not limited to classroom style training sessions, security awareness website(s), helpful hints via e-mail, or […].

7 views: Why National Cyber Security Awareness Month is more important than ever

Information Management Resources

Growing cyber threats remind organizations of the need to be proactive, know their data and security vulnerabilities, encourage awareness practices and seek outside help when necessary.

Video: Don’t be a Security Zombie!


We often ask information security and privacy professionals what keeps them up at night. Nine out of 10 say it’s fear of Security Zombies.

Why Every Employee is a Vital Part of Security Incident Response


The post Why Every Employee is a Vital Part of Security Incident Response appeared first on MediaPRO.

75% of organisations have been hit by spear phishing

IT Governance

It also found that only 40% of organisations have full visibility into email threats, meaning those organisations are being targeted regularly and simply aren’t aware of the scale of the threat. You may also benefit from a thorough re-evaluation of your approach to cyber security.

Bridging the Gap Between Security Awareness and Action – A FREE Infographic from AIIM

IG Guru

The post Bridging the Gap Between Security Awareness and Action – A FREE Infographic from AIIM appeared first on IG GURU.

75% of organisations have been hit by spear phishing

IT Governance

Fortunately, two recent reports have indicated that most organisations are well aware of the threat of phishing. These and other factors make email fraud, also known as business email compromise (BEC), extremely difficult to detect and stop with traditional security tools.

Data Governance Makes Data Security Less Scary


Now, as Cybersecurity Awareness Month comes to a close – and ghosts and goblins roam the streets – we thought it a good time to resurrect some guidance on how data governance can make data security less scary. Happy Halloween! Do you know where your data is? What data you have?

The high risk of data loss associated with employees

DXC Technology

The security threat from insiders is growing. Consider the most recent Verizon Data Breach Investigation Report (DBIR), which found that 20% of cybersecurity incidents and 15% of data breaches investigated within the Verizon DBIR originated from people within the organization. According to Verizon’s DBIR analysis, the top motivators behind insider attacks were financial gain (48%) […].

It’s the Holiday (Phishing) Season! 5 Ways to Stay off the Hook


The post It’s the Holiday (Phishing) Season! 5 Ways to Stay off the Hook appeared first on MediaPRO.

What Should I Do If Someone Is Impersonating My Company in a Phishing Campaign?

Dark Reading

Two security awareness advocates from KnowBe4 provide some solid suggestions

5 Signs You Just Got a Phishing Email


That’s why a healthy dose of security awareness, with some skepticism and situational awareness thrown in, can go a long way.

Majority of organizations still report a lack of cyber security budget

DXC Technology

Despite years of widespread data breaches and increased regulatory demands, 75 percent of respondents to a recent survey do not believe that they have an adequate information security budget. Additionally, attackers continue to successfully use compromised credentials in attacks, and while 93 percent of organizations surveyed are aware of the vulnerability and attack technique — […].