Why the definition of security awareness matters

the definition

Your paradigm is so intrinsic to your mental process that you are hardly aware of its existence, until you try to communicate with someone with a different paradigm. ~ Donella Meadows Considering the meaning, purpose and expression of security awareness is a personal and professional pursuit. In fact, it’s my sole focus and the reason [...]

Why people are not the problem in security and where to look (hint: grab a mirror)

Do not put your faith in what statistics say until you have carefully considered what they do not say.  ~William W. Watt Over the last few years, we have been presented a series of reports, complete with statistics, suggesting the cause of security breaches is people. Whether external attackers taking advantage of individuals, insider mistakes [...]

Memo from users: educate, but don’t embarrass us

The moment we judge someone, we forfeit the ability to help. Seems like a lot of what is being promulgated in so-called “security awareness” today is nothing short of berating people with a list of the things they shouldn’t do, coupled with a non-intuitive list of what they should do. I read a lot of [...]

Into the Breach Audio Book Chapter 10: Reducing the Cost of Compliance

Welcome to the continuation of the Into the Breach: Protect Your Business by Managing People, Information and Risk audio series. (Click this link) to learn more about this how this book solves today’s challenges and pick up a complete copy. This series, underwritten by Configuresoft, now part of EMC, is the full and unabridged audio [...]

RV Adventure inspired Awareness that Worksâ„¢

As the son of a son of a sailor I went out on the sea for adventure Expanding the view of the captain and crew Like a man just released from indenture As a dreamer of dreams and a travelin’ man I have chalked up many a mile Read dozens of books about heroes and [...]

Into the Breach – Audio Series – Chapter 9 (Extending the Conversation: Rewards Beyond Protecting Information)

itb-audioseries-150px

Welcome to the continuation of the Into the Breach: Protect Your Business by Managing People, Information and Risk audio series. (Click this link) to learn more about this how this book solves today’s challenges and pick up a complete copy. This series, underwritten by Configuresoft, now part of EMC, is the full and unabridged audio [...]

Does the cloud take away the need for a security team?

By Craig Nelson Let’s be direct:  we have a huge personal stake in the push toward cloud computing. Do companies that move to the cloud still need security professionals? The answer is clear: yes — and even more than ever. We are at the beginning of a huge paradigm shift in the middle of a [...]

Into the Breach – Audio Series – Chapter 8 (Measuring Success)

itb-audioseries-150px

Welcome to the continuation of the Into the Breach: Protect Your Business by Managing People, Information and Risk audio series. (Click this link) to learn more about this how this book solves today’s challenges and pick up a complete copy. This series, underwritten by Configuresoft, now part of EMC, is the full and unabridged audio [...]

Security From Scratch: Getting the Lay of the Land

layofland

by Dennis Kuntz “You rush a miracle man, you get rotten miracles.” – Miracle Max, from The Princess Bride When building Security from Scratch, the challenge is in undertanding the situation from the start. Once the team is identified/assembled, the focus shifts rapidly to getting a handle on the security posture of the organization. This [...]

Continue Playing

1210501_chess2

by Jeff Kirsch In “Playing Games”, I shared some lessons that I learned while playing chess with my son. Chess is a rich example of the need for, and challenge of, planning ahead. For those unfamiliar with this game of skill and strategy, the goal is simple: Capture your opponent’s king and force him into [...]