Tag Archives: awareness training
Agility and Risk Compensation: Exploring the Connection
June 9, 2008 – 6:00 am
–
In my previous and inaugural column, I introduced the concept of a tradeoff between information security and agility, where agility was defined as “the capability to change with managed cost and speed.” Information security doesn’t necessarily have to be at odds with agility, but…
How to Make Security a Presence in Your Organization
April 23, 2008 – 6:00 am
–
Welcome once again to the risk rack. In this risk rack I will be discussing a way to bring some presence to your security awareness month. To the uninitiated, National Security Awareness Month occurs in October and is supported by the U.S. Department of Homeland Security. A security program is…
Does Security Awareness Work (pt. 2)? It all Depends on What You Mean by “Work”
April 22, 2008 – 6:00 am
–
Several weeks ago this column printed an article entitled, “Does Security Awareness Work? Some Answers from Experimental Research.” The article presented results from three published experiments concerning the effectiveness of awareness programs. In the final paragraph of that piece, readers…
Does Security Awareness Work? Some Answers from Experimental Research
April 3, 2008 – 6:00 am
–
Shortly before the 2004 Infosecurity Europe trade show was held in London, a small group of researchers gathered at a major rail station in that city and proceeded to approach the mass of morning commuters. The researchers offered a deal to each individual: If you tell me one of the passwords you…