The U.S. Department of Education today released a new guide to laws and rules colleges must follow to ensure e-reading devices and other emerging technologies are accessible to all students. It focuses on students with vision problems, a group whose access issues have triggered official complaints against colleges. The document, in the… Continue Reading Education Department Clarifies E-Reader Accessibility Rules

Far too many security awareness training programs start with a series of horror stories about hackers and identity theft, lost money and damaged reputations, privacy breaches and deleted computer files. Before long, the average student starts to tune out – after all, if it’s that bad out there, there’s not… Continue Reading Security Awareness and Climate Change – Scaring People is Not the Right Approach

Over the years, I’ve heard a lot about how important it is to ‘engage’ staff in information security, but very little about how to do this in practice. And what little advice I see seems to be limited to providing giveaways and trinkets. Surely, there has to be more than… Continue Reading Engaging Your Staff in Security Requires Leadership – Not Free Coffee Mugs

If you’re planning your online security awareness training content development strategy, don’t forget PowerPoint. Much maligned as a web-based training tool, it should still have a place in your toolkit for when you need to develop quick and simple training materials – perhaps when you have an urgent message to… Continue Reading Don’t Forget PowerPoint for Your Security Awareness Training

Here’s a blog post by Simon Herring of Ubersecure which describes how (during an authorized penetration test) he was able to “persuade” a helpdesk agent of a large company to reset his password by pretending to be a salesman in a panic. Once the password had been reset, he was… Continue Reading Don’t Let Your Helpdesk Help the Wrong People!

You have the right subject matter, and a sound plan for presenting your materials. But, like it or not, cost is a major consideration when putting a security awareness training program in place. Initial price is often the thing people focus on most, but it’s seldom what causes a program… Continue Reading Too Expensive – 5 Reasons Why Security Awareness Training Programs Fail – Part 3

It’s that time of year again – when fraudulent and nuisance emails, and online hoaxes and scams start making the rounds even more quickly than usual. Sophos has posted a warning about one such hoax spreading rapidly on Facebook where users are warning each other about a “Christmas Tree” virus… Continue Reading ‘Tis the Season for … Hoaxes and Scams