Disclaimer: The opinions of the columnists are their own and not necessarily those of their employer.

Tag Archives: training

Top 5 Things CISOs Should Do During This Bad Economy?

– Whenever my personal budget is down and I am concerned about tightening my belt I seem to always turn to fixing things in my home. While my wife would prefer that our household budget always be up rather than down, she seems happy when I suddenly begin completing half-done projects around the…

Forget The IT Security Strategy, Just Get R Done!

– In recessionary times, how many organizations say, “We need to send more people to training, increase our travel budgets, and hire some strategy people? ” These activities just don’t happen. Why is that? Let’s say that you are nearing retirement and have put in place a 10…

How to Make Security a Presence in Your Organization

– Welcome once again to the risk rack. In this risk rack I will be discussing a way to bring some presence to your security awareness month. To the uninitiated, National Security Awareness Month occurs in October and is supported by the U.S. Department of Homeland Security. A security program is…

Does Security Awareness Work (pt. 2)? It all Depends on What You Mean by “Work”

– Several weeks ago this column printed an article entitled, “Does Security Awareness Work? Some Answers from Experimental Research.” The article presented results from three published experiments concerning the effectiveness of awareness programs. In the final paragraph of that piece, readers…

Does Security Awareness Work? Some Answers from Experimental Research

– Shortly before the 2004 Infosecurity Europe trade show was held in London, a small group of researchers gathered at a major rail station in that city and proceeded to approach the mass of morning commuters. The researchers offered a deal to each individual: If you tell me one of the passwords you…