Nov 30, 2018

Incident Response in 3 Domains

By | November 30th, 2018|Ask The Experts, Managing SA Programs, Security Awareness Programs|

Taking a tiered or layered approach is one of the best strategies for handling the many challenges of cybersecurity. That’s why we created the Domains Triad, which breaks down security into three parts: Cyber, Physical, and People. Similar to how the CIA Triad provides a compartmentalized view of how to [...]

Nov 09, 2018

Monthly Newsletters: The Ultimate Reinforcement for Your Awareness Program

By | November 9th, 2018|Ask The Experts, Managing SA Programs, Security Awareness Programs|

If you’ve hung around this blog long enough, you know that we strongly endorse continuous learning and microlearning for training employees. Those two strategies provide proven, successful ways to educate, and monthly newsletters take advantage of both of them. The former refers to a cycle of education that repeats itself [...]

Nov 01, 2018

Top-5 Ways to Ensure a Successful Awareness Program

By | November 1st, 2018|Ask The Experts, Launching SA Programs, Managing SA Programs, Planning SA Programs, Security Awareness Programs|

The way your employees grasp and process the information you give them will determine the success of your security awareness program. To oversimplify what that means: boring, long-winded, overly complicated programs will likely fail. Conversely, bright, entertaining, inclusive programs tailored to your user-base will likely succeed. What follows are five [...]

Jul 12, 2018

Pretexting and the Psychology of a Scam

By | July 12th, 2018|Ask The Experts, Managing SA Programs, Security Awareness 101|

Social engineering–the use of psychological manipulation to gain and abuse the trust of humans. Social engineers have long taken advantage of human emotions. It’s how they’re able to convince people to divulge sensitive information or provide access to controlled areas of buildings and offices. The tactics that scammers use have been [...]

Mar 22, 2018

Is Your Training Working? Ask Your Users!

By | March 22nd, 2018|Ask The Experts, Managing SA Programs, Security Awareness Programs|

How do you measure the success of your security awareness program (SAP)? Even with metrics and testing, the numbers only tell us when and if employees have completed training. Not if the training had a positive impact on an organization’s efforts to prevent breaches or data leaks. Not if it [...]

Dec 28, 2017

Your Security Awareness Program is Just Another Dynamic Business Process

By | December 28th, 2017|Ask The Experts, Managing SA Programs, Security Awareness Programs, Winn Schwartau|

No matter what business you are in, for it to be successful, you must develop, and evolve over time, improved processes. Whether it’s making a pizza parlor 15% more efficient, or streamlining warehouse inventory management by optimizing deliveries and shipments, it’s all about process. Every business relationship has a beginning; [...]

Sep 28, 2017

Top Tips to Creating Your Own Information Security Policy Training Program

By | September 28th, 2017|Launching SA Programs, Managing SA Programs, Planning SA Programs, Security Awareness Programs|

So you’ve been tasked with building a security awareness program? It’s a tough job. You’ve got to figure out how to tell people about the program, teach them the security lessons that are most important to your organization, and stay within a tiny budget. What’s even tougher is figuring out [...]

Sep 28, 2017

SAP Planning Calendar

By | September 28th, 2017|Ask The Experts, Free Stuff, Managing SA Programs|

From determining the needs of employees to delivering the proper content, while also dealing with budget constraints and deadlines, those put in charge of managing an organization’s security awareness program (SAP) have their hands full. Unfortunately, that’s how planning—the most important stage of any successful SAP—often gets overlooked. Setting goals [...]

Sep 26, 2017

Which is Better: Proactive User Training or Reactive User Training?

By | September 26th, 2017|Launching SA Programs, Managing SA Programs, Planning SA Programs, Security Awareness Programs, Uncategorized|

Which is better: Proactive User Training or Reactive User Training? With Security Awareness the answer is BOTH. Many clients come to us in crisis: “Help! Too many of our employees are falling for phishing scams!” or “Help! We got breaches last year!” or “Help! We didn’t pass compliance and need [...]

Sep 24, 2017

5 Ways to Get User Participation in Your Security Awareness Program

By | September 24th, 2017|Launching SA Programs, Managing SA Programs, Planning SA Programs, Security Awareness Programs|

Sometimes it’s tough to get users to participate in your information security awareness program. Employees don’t want MORE work thrust upon them, even if it is something that will help them be better at their jobs (and help protect their families at home)! So you, the awareness program manager, have [...]
