Security Awareness Blog

Security Awareness Blog

Looking for Speakers for October?

SSO-STC-CCSAM-HashtagLogos-CYBERAWAREBLKAs many of us know, October is National Cyber Security Awareness Month (also known as NCSAM or #CyberAware). This is the month many organizations use to promote their internal security awareness efforts, to include bringing in speakers. If you are looking for speakers for this year, here are some suggestions. Keep in mind, some of these speakers may charge speaker fees.


  • Try your local law enforcement, such as local FBI or Secret Service. People will often come to your events just to meet a real agent. In addition, these people can bring fascinating, real world stories that people will want to hear. Best of all,
...

Security Awareness and the New Hire Process

STH-People-PuzzleSteps1FA common problem many organizations face with their security awareness program is the new hire process. They are tasked to train and secure new hires, but often have very limited time and resources to do this (sometimes no more than 15 minutes to 'secure' each new hire during the initial on-boarding). In addition, new hires are bombarded and overwhelmed with everything else they are learning, to include healthcare, how email works, how their new computer works, expenses, etc. We had a great discussion about this challenge in the last MGT433 two-day course, this is what we as a class came up with.


  • Do not try to secure
...

OUCH is Out

OUCH-201508The August edition of the OUCH! newsletter is out. This month we cover backups. While not as sexy or exciting as other security measures, it is one of the most important (and simple) steps you can take to protect your data. Just last week my wife's hard drive crashed. We lost over 45,000 family photos and literally 15 years of our family history. However, what would have been a disaster was not an issue, we simply recovered her computer from Time Machine backups. Please help us spread the word about backups, download and share OUCH! with your family, friends and coworkers. And as always, thanks to our amazing

...

Tip of the Day - Brand New

TipOfTheDay-ProgramThe Tip of the Day program is a free resource developed for the community. It provides a new security awareness tip every day on how you can secure yourself online. While the lessons learned focus primarily on home or personal use, these same behaviors also help secure today's organizations. As we are seeing throughout industries, one of the most effective ways to secure peoples' behaviors at work is focus on how they benefit at home. While the Tip of the Day program is not new, these tips are. We just completed a comprehensive review with the entire tip database updated and re-written. In addition, every tip is now linked to an OUCH!

...

Not your father's CIP

FullSizeRender MJA BIO (1)Michael Assante

There are many things that are still fuzzy when thinking ahead to CIPv5, what is clear is that you can't simply take your past V3 experience and apply it forward. NERC and industry have taken a big step forward in designing a set of cybersecurity standards that focus on protecting against cyber compromises that could lead to "misoperation or instability" of the North American Bulk Electric System.

NERC, anticipating the material nature of the enhancement, initiated a program to help industry transition directly from CIP Version 3 to CIP Version 5. There is a combination of challenges that makes it a necessary and significant investment:


    ...