Security Awareness

Security Awareness news, information, and how-to advice

Information security and the flaming sword of justice

There have been times in my career where I found it almost necessary for me to breathe into a paper bag after hearing some asinine positions on what security should be. I have encountered what I like to refer to as the “flaming...

Ransomware from Stoned to pwned

When I was in the trenches as a defender I saw all manner of malicious software. The first one I ever encountered back in the late 80s was the Stoned virus. This was a simple program that was lobbying the infected computer...

Who you gonna call when the crisis comes

There will be times in your career when you know that you will face a crisis. These will be times when things will go horribly and irretrievably wrong. The breach news from Yahoo yesterday is a perfect example. One question that...

Investigating Cybersecurity Incidents — a free course

Training provider Logical Operations offers a free online course on how to collect, preserve and analyze evidence from cybersecurity incidents — and prepare for the court case.


Sexting, Weiner and other bad ideas

When I was a kid I was always flirting with the edge of trouble. I was really fortunate that I had strong guidance and good friends that helped to keep me from getting into any real sort of trouble. But, not everyone was so lucky....

The speed of ransomware: 3 seconds to encryption [Infographic]

Once you've clicked the phishing email, it's too late.

The CSO password management survival guide

It's time to take the password problem in hand. This free guide from the editors of CSO will help you communicate the challenges and what is at stake and evaluate and choose the right enterprise password management solution for your...

Awareness training: How much is too much?

The goal of security awareness training is to help employees recognize and avoid security risks. The key, experts say, is to make them skeptical but not operate in a “constant state of distrust.”

9 biases killing your security program

Here’s a (by no means all-inclusive) list of nine such cognitive biases of which security professionals should especially remain aware.

Mergers create greater security risk

Security risks, both cyber and physical, certainly belong on the list of concerns. And with the ongoing shortage of professionals who are expert in various aspects of data protection—coupled with the seemingly endless stream of...

Montreal cops hunting data thieves

When I was a kid growing up I was always enamored with the old cops and robbers movies. I was always amazed at the criminals' terrible OPSEC even at a young age. I could never fathom how they didn’t get pinched with that striped...

If an Infosec policy falls in the forest

When you are building an Information Security practice you need a solid governance structure in place. For those of you who might not be familiar we can look at it in a more accessible way. If you are building a house you need a...

Emerging technologies are poking holes in security

Accelerated change challenges change management, security DevOps and emerging technologies that enable business innovation and opportunities demand fast, frequent change from the enterprise. The speed and regularity as well as the...

9/11: My story

How the information security community can support law enforcement in preventing another large scale attack.


Memories of 9/11: More than lost buildings

Like many, my memories of 9/11 are personal and still vivid. Here's my story plus some little-known information about lost evidence on that day.


Why you need tiered security training for IT staff

What's the difference in training for IT staff members and the IT security team?


CIO Career Coach: Acing the interview blogger Martha Heller, continues her series on IT careers. This episode is part one of three and looks at what it takes, after you've gotten through the hiring gauntlet, to smash the interview and do your best to impress.

What is phishing success?

A recent article asking the question to security professionals seemed to miss the mark, and raises more questions than it answers.
