The Verizon 2016 Data Breach Investigations Report (DBIR) again highlights phishing as a successful attack vector with 30% of people opening phishing e-mails and 13% opening attachments, often within the… Read more The Unexpected E-mail Needs More Scrutiny →
Oftentimes, it’s tempting to introduce security awareness to your organization in very concise terms (in ways that don’t exactly get people excited). It’s a symptom of wanting to formalize everything.… Read more Use Stories to Introduce Awareness Programs →
If you’re strapped for time, as many IT managers are, here’s a simple, no-cost technique to reinforcing security culture in your workplace: Recognize those that are security-minded. You can do… Read more Calling Out Employee (Good) Behavior →
When I talk to IT directors, they often say they’re not sure how to teach security. This task is made easier, I think, if we stop framing it as “teaching… Read more You’re Not Teaching IT Security →