Security Awareness Blog: Author - lspitzner

Security Awareness Blog:

Lessons Learned from the EU #SecAwareSummit

STH-Summit-London-BannerImageLast week we hosted the first ever SANS Security Awareness Summit in Europe. The goal of the summit was to bring together thought leaders and practitioners from around the world who are working to secure the human element. The event was huge success as over 80 professionals had the opportunity to meet and learn from each other. I wanted to share with you some of the key take aways from the event. You can also download the presentations from the summit here.

  • Behavior Costs: Angela Sasse is the Professor of Human-Centred Technology and Head of Information Security

Guest Post #2 - Leveraging Social Media at Diageo

J.Haren(3)Editor's Note: John Haren is the Head of Information Security Governance, Risk & Compliance at Diageo and has responsibility for the company's Security Awareness program. Below is part two of a series where John describes how Diageo is leveraging social media to engage staff and help drive their awareness program.

In a my previous blog post I discussed how we have used Yammer at Diageo to help me both deliver content and get some engagement with the end-user population, to facilitate their asking questions and drive a two-way dialog between them and our security team. I introduced


The Internet of CIP Things (IoCT)

tim-conwayEditor's Note:Tim Conway is theTechnical Director of ICS and SCADA programs at SANS. Below he discusses the impact of the Internet of CIP Things.

You have likely heard of the Internet of Things, which encompasses the interconnected network of "stuff" that has become completely intertwined in every part of your life. I present to you the Internet of CIP Things for your consideration, which encompasses the interconnected network of CIP activity that absolutely consumes your life if you work in this field. Without pulling out the old-timer card and going back through the history of CIP Things, let's just focus on the CIP Things of now. Without further ado — the Internet of CIP Things Top 10 list aka-CIP


The War for Cyber Talent - #SecAwareSummit

Headshot May 2015Editor's Note: We are adding a free, bonus event for the upcoming Security Awareness Summit, a half day session on the most effective ways to finding cyber talent in today's environment.Below Jim Michaud discusses the War for Cyber Talent event and what you can learn from it.

When was the last time you heard this one? "We can't find enough of the qualified people we need, and we are worried about keeping the people we have developed". It's called a War for Talent for a reason. The supply of qualified cyber professionals is far outstripped by the increasing demand, and there appears to be no end in


Gamification at Salesforce - #SecAwarenessSummit

Masha SedovaEditor's Note: Masha Sedova is the Senior Director of Trust Engagement at Salesforce.She is one of the speakers for the upcoming US Security Awareness Summit in Philadelphia August 19. Below she discusses her talk on gamification and the power of engaging employees.

For many employees in organizations across the world, security training is synonymous with getting a root canal. An interaction with the security team is rarely seen as a favorable experience and is often associated with policy enforcement, password rotation and annual computer-based trainings. But imagine a new work environment where your employees viewed the