Security Awareness Blog: Category - Security Awareness Planning

Security Awareness Blog:

Risk Management with James Tarala in SANS MGT415


Editor's Note: James Tarala teaches the two day SANS course MGT415 Risk Management. James will be teaching this two day class as part of the US Security Awareness Summit in Philadelphia August 19. Below he discusses the class and how it helps the world of security awareness.

You can't attend an information security conference, listen to a webcast, or read an article without hearing about the latest data breach or organization that was hacked. After each breach all the security pundits stand up and say if you just had this one widget then you wouldn't be vulnerable to the breach. And somewhere in that conversation inevitably someone


OUCH! is Out - Social Media

OUCH-201507This month's edition of OUCH! is out. For this month we cover how to use social media safely and securely. Instead of trying to scare people away from this amazing resource, we want to encourage people to use social media, but in a safe manner. As with many things on the Internet, some simple steps (and a little common sense) can go a long way to protecting yourself. As always, OUCH! is free to the public and published in over 20 languages. You can always download the latest version from

We would also like to thank our amazing volunteers who both help develop OUCH! and translate it into multiple languages. You can find a


Guest Post - Leveraging Social Media for Security Awareness

J.Haren(3)Editor's Note: John Haren is the Head of Information Security Governance, Risk & Compliance at Diageo and has responsibility for the company's Security Awareness program. Below he describes how they are leveraging social media to engage staff and help drive their awareness program.

Does your organisation use social media internally? If not, perhaps you should consider it as a tool to be used as part of your security awareness program. In the first of a two part blog series I want to give you an overview of our use of social media for security awareness at Diageo.

I was aware for some time that social media was a perfect mechanism to help me get some of my security messages to people. All


NCSA's Michael Kaiser Speaking at #SecAwareSummit

michael kaiser 1Editor's Note: Michael Kaiser is the director of the National Cyber Security Alliance. He is one of the speakers for the upcoming US Security Awareness Summit in Philadelphia August 19. Below he discusses his talk on NCSA and how you can leverage the organization.

I am thrilled and honored to be speaking at the Security Awareness Summit in Philadelphia on August 19th. The day's agenda looks fantastic, and hope I can add to attendees' knowledge about how to build awareness efforts that have an impact. I will be talking about the National Cyber Security


Women Leading the Way in Securing Human Behaviors

STH-EndUser-Module21-SeniorLeadershipThis month I made a startling realization, it is women and not men who are leading the way in securing human behaviors. For those of you who are new to the information security world this is a big deal, traditionally information security is filled by men. For example if you attend a security conference or work with an information security team you can have 40 security professionals in the room and only 5 may be women. The field of security awareness is bucking that trend, and in a big way. For example, I teach a two day class on how to build, maintain and measure a mature security awareness program.