ISO/IEC 17799:2005(E) (“Information technology – Security techniques – Code of practice for information security management”) is a widely used guide to information security management that reflects accepted best practice and is used in businesses and government organizations around the world. Security awareness training is a key component of the ISO… Continue Reading ISO 17799 and Security Awareness Training

About a year ago, I opened a dialup Internet access account with Earthlink using their ‘secure live sales chat’ feature. “Why a dialup account in this day of high-speed internet?” I hear you ask. Because we were renting a house about 30 miles outside Seattle and couldn’t get any… Continue Reading Earthlink and Process Insecurity

A couple of years ago, Cosaint rolled out a course called "Avoiding Identity Theft". Since that date, most of our clients have picked it up and provided it to their students and it’s been very well received. But sometimes, when talking to prospects, their initial reaction to the course content… Continue Reading Identity Theft? That’s Not Our Problem!

Over the last 5 years, Cosaint has hosted a lot of security awareness training (SAT) portals for clients. And, in the process, we’ve learned a great deal about how to organize support (and quite a bit about how not to organize it!). So here are my 2 basic rules for… Continue Reading Support Arrangements For Your Security Awareness Training Program

Oh no … not again! On Tuesday, Boeing revealed that an employee’s laptop with sensitive information about more than 380,000 current and former employees had been stolen from a car. This is the third such case at Boeing this year. The Privacy Rights Clearinghouse has been monitoring reported data breaches… Continue Reading US Data Security Breaches Since Feb 2005 Top 100M