Blog Posts Tagged with "Dave Aitel"

2e4d1e4bb6b5e2d5901e2ede8065fb24

Why Effective Awareness Training Matters

August 12, 2012 Added by:Brent Hutfless

Training and education are key elements to securing data. The advances in detection and monitoring solutions have placed more capable tools in the security professional’s toolbox, but APT attacks have grown in sophistication and perseverance – often leading to successful attacks and subsequent data loss...

Comments  (2)

Fc152e73692bc3c934d248f639d9e963

On Security Awareness Training

August 05, 2012 Added by:PCI Guru

Security awareness training has its place, but it is not a silver bullet. The world is full of risks and a security professional’s job is to minimize those risks and manage the remaining residual risk. This is why security is done in layers, so that when people make that mistake you minimize the impact...

Comments  (0)

1b061b1cec6b5898e5326992d9461610

No Infosec Sacred Cows

August 02, 2012 Added by:Dave Shackleford

Most security awareness programs SUCK. I bet the majority of the awareness proselytizers are doing the same old crap with some stupid Web-based Flash thingie that people click through as fast as they can, and a little printout goes in their HR folder. UGH. That doesn’t work, never has, and never will...

Comments  (3)

3071bd3c5c013c8c3defcccad0259c16

Is Security Awareness as Effective as We Imagine?

July 24, 2012 Added by:Hani Banayoti

We cannot relax our technical security deep-dive efforts just because we think we deliver good corporate security awareness. Did high profile technology and security companies like RSA, GlobalSign, DigiNotar, Sony, Yahoo, Linkedin etc, not have good security awareness when they got compromised? I'm sure they did...

Comments  (0)

7c5c876d1933023ac375eead04302e1a

You Shouldn't Train Employees for Security Awareness: Rebuttal

July 23, 2012 Added by:Boris Sverdlik

I tried to keep my comments limited to Twitter, but with this pile up on Security Awareness, I felt an obligation to put my opinion out there once again. @Krypt3ia and @iiamit have both posted their rebuttals respectively calling each other wrong of course, but where's the excitement without debate?

Comments  (2)

7fef78c47060974e0b8392e305f0daf0

Throwing the Baby Out with the Bath Water

July 20, 2012 Added by:Infosec Island Admin

You train employees to protect not only from clicking on links or suspect emails, but you also teach them good ethics as well as security hygiene. The cumulative effect will help you secure the environment and in tandem with your technical means, and make it all the better...

Comments  (3)