Security Awareness for the Rest of the Year

October is behind us, a big month for national security awareness campaigns across several countries. For many, campaigns like this offer the only security training people get during the entire year. But a campaign oriented approach like this has also a few limitations. You simply cannot frame all your company’s security training needs within one month. Campaigns cannot be arranged for each and every other month either. So, what should you do when October ends?

It’s not just about the awareness of others, but your own awareness of people and security is key to getting them aligned.

Continue reading “Security Awareness for the Rest of the Year”

People + Policy + Products = Secure Practice

A famous thought leader in security, Bruce Schneier, popularised the term «people, process and technology» back in 1999. Our security strategy must cover all three areas, and this holds more true than ever. Technology still gets the most attention, and we still need to advance the people formula. I believe cyber security needs more empathy.

Secure practice is established through awareness, culture and good user experiences.

Continue reading “People + Policy + Products = Secure Practice”