Awareness Training

Want security awareness training? Think outside the box

Want security awareness training? Think outside the box

If properly cultivated through effective education programs, employees can shed the moniker of "weakest link" and become an organization's greatest security asset.

Podcast: Security awareness training and rewarding good behavior

Podcast: Security awareness training and rewarding good behavior

By

Awareness training is finally becoming more about security and less about compliance, as SANS instructor Lance Spitzner discusses in this SC Magazine Podcast episode.

SC Congress New York: Security is about the basics, with a personal touch

By

Organizations must accept that they have been compromised by attackers and apply some personal craft to limit the damage, two security experts said during a panel Wednesday at SC Congress New York.

Video: Educating students on reducing online risk

By

Andrew Lee, CEO of ESET North America, sits down with SC Magazine Executive Editor Dan Kaplan to discuss why security education needs to make its way into school curricula. This will allow students to become better protectors of their personal critical infrastructure -- their homes -- and prepare them to be security conscious employees once they enter the working world.

Smartphones? There's malware for that, too.

Smartphones? There's malware for that, too.

Mobile devices, while unique, pose security challenges not unlike traditional PCs, and organizations can apply some basic tips to stay ahead of the threats.

Security education: We're doing it wrong

Security education: We're doing it wrong

Most PC owners are thinking about security protection from a pre-botnet perspective.

DHS seeks increased cybersecurity funds for 2012

By

Department of Homeland Security (DHS) Secretary Janet Napolitano this week campaigned before federal lawmakers in support of her agency's portion of President Obama's $3.7-trillion proposed budget.

2011: A security manager's wish list

2011: A security manager's wish list

This year, thanks to a renewed focus on the insider threat, the longings of the security professional may come to fruition.

The time axis of evil: phishing's golden hour

Five steps any size business can employ today to crush phishing risks.

Social networks: Criminal enterprise, Part 1

Far from being Doctor Evil's Facebook page, social networks for criminals cover multiple facets of global crime. Should countering cybercrime be a goal of corporate business or is it merely a job for law enforcement?

Best practices for security awareness training

By

Security awareness training programs should be an essential part of information security endeavors, a security professional said Thursday at SC World Congress in New York.

End-user awareness: Interview with JR Smith, CEO of AVG

By

SC Magazine reporter Angela Moscaritolo asks JR Smith, CEO of anti-virus firm AVG, for his thoughts on National Cyber Security Awareness Month, which kicked off this week. Smith also offers his suggestions on how organizations can best implement a culture of education around security best practices.

National Cybersecurity Awareness Month arrives

By

The annual National Cybersecurity Awareness Month festivities kick off Monday, and a new public awareness campaign highlights this year's event.

Mobile workforce: Interview with Patricia Titus, CISO of Unisys

By

SC Magazine Managing Editor Greg Masters sits down with Patricia Titus, the former CISO at the Transportation Security Administration and current CISO at IT firm Unisys, to discuss how organizations should handle the threat posed by employees who seek to connect remotely and use mobile devices for work-related functions.

Why can't cybersecurity be as desirable as Wall Street?

By

I recently chatted with Randi Levin, CTO of the city of Los Angeles, for a cover story I'm writing about cloud computing and the security ramifications of the technology.

Cybersecurity mythbusting: Book smart versus street smart, Part 3

What are the top solutions CIOs and IT managers need to know to educate the highly educated and defend against cybercrimes such as phishing? In our conclusion we find that the key may be in raising situational awareness through education.

Public-private awareness initiative developed

By

A survey gauging public awareness over the need for internet safety and security confirms the need for a new national messaging campaign, according to two nonprofits.

Cybersecurity mythbusting: Book smart vs. street smart, Part 2

What are highly intelligent, highly educated people doing that makes them nine times more vulnerable than a high school dropout to cybercrime?

Cybersecurity mythbusting: Book smart vs. street smart, Part 1

What happens when it comes to recognizing computer crimes and scams which cost much more than pocket change?

DHS presents awards in cyber awareness challenge

By

The U.S. Department of Homeland Security has recognized seven proposals designed to educate and empower internet users to better protect themselves against cyberthreats. The winning proposals will help guide the DHS' National Cybersecurity Awareness Campaign, set to kick off in October. Among the winners was anti-virus firm ESET, co-honored in the "Best Local/Commmunity Plan" category for its "Securing our eCity" initiative, which leverages public and private partnerships to educate the San Diego community on online safety. Another winning vendor was Cisco, recognized for its "Cybersecurity is Everyone's Responsibility" in the "Best Publicity and Marketing" category. — DK

Social engineering, Part 2: No school like old school: Crushing your pretext calling risks

Social engineering is just a phone call away.

Social engineering, Part 1: No school like old school: Crushing your pretext calling risks

Getting all the dirt on someone used to be easy for any savvy investigator.

Rogue AV: A wolf in sheep's clothing

Rogue anti-malware, also known as rogue AV, has become the delivery vehicle of choice for the cybercriminals seeking to infect endpoints with their payloads.

PCI DSS 1.2: Changes, best practices and tips

PCI DSS is a global information security standard consisting of 12 different requirements - assembled and released by the Payment Card Industry Security Standards Council (PCI SSC).

Security training won't solve the negligent insider threat

Security training won't solve the negligent insider threat

Technology is necessary to stave off hacker attempts because humans cannot always be perfect.

U.S. House to toughen internal cybersecurity policy

By

For the first time, the U.S. House of Representatives will require its staff and members to take part in an annual IT security training program -- one of the mandates under new policy set to take effect next year.

Sign up to our newsletters

POLL