September 3, 2010

Get SMART About Your Security Awareness Program

By Joe Knape There are a lot of opinions about security awareness programs, what they should look like, what they should cover, whether they work at all, etc. Recently you’ve even read a few posts on the Security Catalyst blog about awareness training. In addition, there has been a lot of “research” and pontificating about [...]

When You Hear Hoof Beats, Don’t Look For Zebras

By Joe Knape The title of this post is an old medical school adage. It suggests, loosely, when a doctor learns of symptoms, usually the most common cause of the symptoms is the culprit. The challenge of knowledge and experience is the natural desire to consider extremes, often in the pursuit of diligence. This adage [...]

Avoiding the Best Practices Trap

By Joe Knape “Best Practice is, however, often a misused term. It is frequently used to support politically correct ideals which, in reality take no account of individual need or circumstances. In this sense the ensuing practice is far from ‘best’ when the resulting effects are contrary to the real ideal situation. It is also [...]

Doing The “Right” Thing

By Joe Knape The focus of The Security Catalyst is “Changing the way people protect information.” Despite the deep respect I have for Michael, I’m skeptical that can be done. Before we can change the way people are protecting information we have to get them to protect it in the first place. My experience of [...]

How to Get Four Aces and Go Home Happy (Part 2)

By Joe Knape In my last post, “Know the spACE”, you read about how to become familiar with the industry your company is in. This is important to a security professional when trying to determine not only the risks a company might be exposed to but also in setting priorities for the people, processes, and [...]

How to Get Four Aces and Go Home Happy (Part 1)

By Joe Knape If you play poker or have watched a few westerns, you may realize that having four aces in your hand is a winning hand nearly all of the time. While obtaining your four aces in poker is a different story, I want to share with you how you can (legally) stack the [...]

A Diamond in the Rough of Security Predictions

By Joe Knape Prediction is very difficult, especially of the future. – Niels Bohr Apparently, drinking too much eggnog and watching a giant ball made of lights drop from the sky gets people in the mood to make predictions for the future. Speaking of which, where’s my flying car?!? When it comes to [...]

Security Friday Fast Fact: Three Pillars of Being a Responsible Corporate Citizen

By Joe Knape Performing your duties as a security professional with the following “code of conduct” in mind is quite possibly the best thing you could do for your company this year. 1. Learn to use what you already have as efficiently and effectively as possible before asking for more. * Are you using your [...]

It Was the Best of Times, It Was the Worst of Times

By Joe Knape Larry Seltzer’s article “The New Attack Pattern” states that “things are getting better for the average user over time.” At the same time, several other authors state in a fairly lucid manner that users didn’t feel a whole lot more secure in 2006. To make matters seemingly worse, according to most would-be [...]

What We Have Here Is…A Failure To Communicate

By Joe Knape A few weeks ago I posted about helping users pick longer, easier to remember passwords. RonW, in the comments, wondered about the best way to get users to “do the right thing”. This post is my take on how that can be done. I’m not up on the latest Security Awareness techniques [...]