With great job titles come great responsibilities. C-level employees, senior management, and upper-level members of all organizations work challenging shifts. Sometimes, those challenges lead to habits that could undermine the security of an organization. If you’re in a position of power, it’s your job to reduce risky behavior, such as [...]
No organization wants to end up in the headlines as the next corporate victim of a major data breach. For that reason, security awareness programs have become a staple component of every business, in nearly every industry, regardless of size or global reach. But there’s a huge difference between programs [...]
The modern-day cybersecurity landscape didn’t become what it is overnight. Decades of technological advances and cultural evolution play into our current situation. And The Security Awareness Company has been there all along, creating proactive awareness content designed with end users in mind. When our organization was founded by Winn Schwartau [...]
Your job is to create, launch, and manage your organization’s security awareness program. Where do you even start? It’s a daunting challenge that leaves many people with more questions than answers. That’s why we’ve put together this introductory guide to creating and managing a successful SAP! The following pages are [...]
Here at the Security Awareness Company, we’re blessed to have a creative team that is passionate about everything they do. The content they create is beyond impressive from a standpoint of both quantity and quality. That’s why one of the hardest projects we take on each year is choosing our [...]
From determining the needs of employees to delivering the proper content, while also dealing with budget constraints and deadlines, those put in charge of managing an organization’s security awareness program (SAP) have their hands full. Unfortunately, that’s how planning—the most important stage of any successful SAP—often gets overlooked. Setting goals [...]
Taking a tiered or layered approach is one of the best strategies for handling the many challenges of cybersecurity. That’s why we created the Domains Triad, which breaks down security into three parts: Cyber, Physical, and People. Similar to how the CIA Triad provides a compartmentalized view of how to [...]
Initially developed for critical infrastructure, the National Institute of Standards and Technology established a framework for improving cybersecurity, now referred to simply as NIST CSF. At the core of the framework exists five functions, and 22 categories within those five functions, which have become the standard for many organizations worldwide. [...]
If you’ve hung around this blog long enough, you know that we strongly endorse continuous learning and microlearning for training employees. Those two strategies provide proven, successful ways to educate, and monthly newsletters take advantage of both of them. The former refers to a cycle of education that repeats itself [...]
The way your employees grasp and process the information you give them will determine the success of your security awareness program. To oversimplify what that means: boring, long-winded, overly complicated programs will likely fail. Conversely, bright, entertaining, inclusive programs tailored to your user-base will likely succeed. What follows are five [...]
