For years there has been a persistent and spirited debate regarding the effectiveness of information security awareness programs and whether or not they should be utilized within the enterprise.

This story was originally published on Cybersecurity Dive. To receive daily news and insights, subscribe to our free daily Cybersecurity Dive newsletter. Government agencies, private businesses and ...

A New Zealand consultancy called IsecT (standing for “security in IT”) runs a valuable Web site called NoticeBored that is anything but boring. IsecT CEO Gary Hinson commented wryly to me when he fact ...

Keeping employees committed to information security is tough. The fundamental problem is that the better our security, the less evidence we have to reinforce it. As weeks and months go by with no ...

This article originally appeared in the March 2022 issue of Security Business magazine. When sharing, don’t forget to mention Security Business magazine on LinkedIn and @SecBusinessMag on Twitter.

Imagine this: As part of an exercise to teach security awareness, employees enter a room. An actual, physical operational security "escape room," which at first looks like a regular office room. But ...

As the complexity and volume of vulnerabilities continue to increase, it’s encouraging to see that software developers are starting to understand the vital role they can play in upholding ...

During the 2016 National Cyber Security Awareness Month in October, Frederick Scholl wrote an intriguing article for CSO Magazine entitled, “Time to kill security awareness training.” Many people ...

A company once sent an email to all of its employees (about 500 of them), telling them about a holiday bonus of $650. When prompted to click on a link and fill out a form with their personal details ...