Does third-party security awareness training work?

Read Ryan Francis take a look at whether third-party security awareness training work on CSO Online : Being a security company, Rapid7 has to take special interest in making sure its 1,000 employees do not succumb to phishing and the like. At a recent CSO50 conference, speakers discussed their security awareness training. Read his full article […]

New Kid On The Block: Cyber Threat Analyst

Read  Bob G. Stasio explains why companies need to build capacity to fight cyber threats on Dark Reading : With the rapid rise, frequency, severity and cost of cyber attacks, many companies today are looking to the government military intelligence industry for the skills, talent and experience to run their security operations center. Read his […]

When Your CEO Won’t Take Security Awareness Training

CEOs are often the busiest people in any organization. As security professionals, we should respect that: but what can we do when our CEO won’t take security awareness training? This is not uncommon but it can be a hard nut for security professionals to crack. We probably don’t top many lists of best for human […]

8 Cybersecurity Mistakes Businesses Make-and How to Fix Them

As I discussed yesterday, a recent survey by KPMG of the CEOs of over 1,200 businesses shows that many firms are woefully unprepared to address cyber attacks. After the report was issued, I spoke with Malcolm Marshall, Global Head of Cyber Security at KPMG, and asked him what areas of weakness he and his team […]

Industrial security awareness continues to remain low

While traditional manufacturing industries were not designed with security in mind, the proliferation of networks and devices, disparate communication channels, and the use of off-the-shelf software has thrust cybersecurity into the spotlight. Safety and security concerns associated with the high levels of connectivity and integration are surfacing as the concept of the Internet of Things […]

Achieve PCI Compliance Through Security Awareness Training

In this article, we will learn how we can achieve PCI-DSS compliance through security awareness training. We will also discuss some of the requirements of PCI-DSS that depend completely on end-user responsibilities and security awareness. Due to lack of education and awareness about payment security, employees often leave security holes in their developed applications by […]

A Security Awareness and Training Policy Checklist

Your organization may already have security training and awareness (STA) program, or (this is less likely nowadays) you may have to build one from scratch. This is a checklist of the policies that should underpin a successful STA program. When building up a team (or virtual team) to meet requirements, it can be useful to […]