Categories
-
Recent Posts
- Security Awareness and Social Networks: Why You Should Care, and What You Should Teach
- Poor Delivery – 5 Reasons Why Security Awareness Training Programs Fail – Part 2
- If You’re Going to Use PowerPoint
- Don’t Get Bogged Down in “How To”
- The Wrong Content – 5 Reasons Why Security Awareness Training Programs Fail – Part 1
Archives
Category Archives: Education
Security Awareness and Social Networks: Why You Should Care, and What You Should Teach
You might have been avoiding it until now – thinking that social networking (Facebook, MySpace, LinkedIn …) is just a passing trend, or it’s only used by teenagers, or people only use it to exchange photos and jokes. But, if … Continue reading
Posted in Education, Information Security
1 Comment
Poor Delivery – 5 Reasons Why Security Awareness Training Programs Fail – Part 2
You can have the best content in the world – well-written and illustrated, perfectly aimed at your target audience … – and your program will still fail if the delivery is poor. Whether it’s a boring presentation in the classroom, … Continue reading
Posted in Education, Information Security
1 Comment
If You’re Going to Use PowerPoint
If you’re going to use PowerPoint to present security awareness training to a class of students, or perhaps to make a business case to your senior management, here are some suggestions from Seth Godin about how to make the best … Continue reading
Posted in Education
Leave a comment
Don’t Get Bogged Down in “How To”
When creating security awareness training materials, it’s tempting to explain to students exactly how they should scan a file for viruses, the steps to take to check an SSL certificate, how to examine the headers of an email … Don’t. … Continue reading
Posted in Education
Leave a comment
The Wrong Content – 5 Reasons Why Security Awareness Training Programs Fail – Part 1
In my experience, one of the most common ways that security awareness training programs fail is that the content of the awareness/training materials is wrong for the target audience. The mention of the audience is important here – what’s appropriate … Continue reading
Posted in Education, Information Security
1 Comment
Awareness, Training, and the Four-Stage Learning Model
In some guidance documents (e.g., NIST SP800-16), you’ll find a distinction drawn between “awareness” and “training” even though most of us use the words together when talking about education of end-users. There’s actually a good theoretical basis for differentiating between … Continue reading
5 Reasons Why Security Awareness Training Programs Fail
All too often, I hear about security awareness training programs that fail. Here are some of the reasons that I hear: The information that they contain is inappropriate for the audience (usually far too complex). The presentation of the … Continue reading
Posted in Education, Information Security
2 Comments
Security Awareness Training for Call Center Reps
Call centers often handle highly sensitive information for customers including financial data such as credit card details, Social Security numbers, and bank account details; and, in some cases, health information. This means that they need to comply with an increasing … Continue reading
Posted in Compliance, Education, Information Security
Leave a comment
H1N1 and Snowstorms – Training for Teleworkers
In a blog posting entitled “H1N1 and telework,” Akamai’s Senior Director of Information Security and Chief Security Architect, Andy Ellis, writes that: [H1N1] affects us in the workplace. If an employee has a small child and they don’t have a … Continue reading
Posted in Education, Information Security
Leave a comment
The Changing Economics of Training Development
Training isn’t immune from the changes that newspaper and book publishers are facing as production and distribution costs drop dramatically. These days, anyone can create a simple course at little to no cost (except their time) – especially if they … Continue reading
Posted in Education
Leave a comment