[RERELEASE] What is security awareness?

In the refreshed edition of the Exploring Information Security (EIS) podcast, I talk to Amanda Berlin AKA @Infosystir about security awareness. 

Amanda was charged with setting up a security awareness program for her company from scratch. Setting up a security awareness program is hard work, making it effective is even harder, but Amanda rose to the challenge and came up with some creative ways to help fellow employees get a better handle on security.

In this interview we cover:

  • What is security awareness?

  • How a security awareness program should be implemented.

  • What does an effective security program look like?

  • How do you measure the effectiveness of a security awareness program

How to achieve security awareness through social engineering - Part 2

In this ranty edition of the Exploring Information Security podcast, Jayson E. Street joins me to discuss how to achieve security awareness through social engineering.

Jayson (@jaysonstreet), is the VP of Information Security at Sphereny. He and April Wright (@aprilwright) are doing training at both Black Hat and DerbyCon on how to achieve security awareness through social engineering. The training focuses on helping blue team members setup effective security awareness programs.

In this episode we discuss:

  • How to communicate with executives

  • Why we need to empower users

  • What happens when Jayson plays video games

  • Why shock value is important

How to achieve security awareness through social engineering - Part 1

In this ranty edition of the Exploring Information Security podcast, Jayson E. Street joins me to discuss how to achieve security awareness through social engineering.

Jayson (@jaysonstreet), is the VP of Information Security at Sphereny. He and April Wright (@aprilwright) are doing training at both Black Hat and DerbyCon on how to achieve security awareness through social engineering. The training focuses on helping blue team members setup effective security awareness programs.

In this episode we discuss:

  • Why security awareness is important
  • What our own experience is with training people
  • What's in the training
  • How to talk to communicate effecitvely

What is the Security Culture Conference? - Part 2

In this relationship building episode of the Exploring Information Security podcast, I explore what is the Security Culture Conference in Oslo, Norway, June 14 - 15, 2015 with the creator of the Security Culture Framework Kai Roer.

Kai (@kairoer), is a speaker, trainer, consultant, and the creator of the Security Culture Framework (SCF). The framework deals with embedding a security mindset into the entire organization. It takes security awareness training to the next level by not only performing the training, but then measuring it's effectiveness. The Security Culture Conference is a result of that idea. It brings the brightest minds in security and gives them a platform to share ideas on the security culture in an organization. The conferences is June 14 - 15 in Oslo, Norway.

EIS listeners can get a discount on an admission ticket by entering promo code: PVCSEC

In part two we focus on the Security Culture Framework:

  • Why you should attend the conference
  • What was the motivation for the conference?
  • The type of content people can expect
  • The activities attendees can expect while attending the conference

What is the Security Culture Conference? - Part 1

In this relationship building episode of the Exploring Information Security podcast, I explore what is the Security Culture Conference in Oslo, Norway, June 14 - 15, 2015 with the creator of the Security Culture Framework Kai Roer.

Kai (@kairoer), is a speaker, trainer, consultant, and the creator of the Security Culture Framework (SCF). The framework deals with embedding a security mindset into the entire organization. It takes security awareness training to the next level by not only performing the training, but then measuring it's effectiveness. The Security Culture Conference is a result of that idea. It brings the brightest minds in security and gives them a platform to share ideas on the security culture in an organization. The conferences is June 14 - 15 in Oslo, Norway.

EIS listeners can get a discount on an admission ticket by entering promo code: PVCSEC

In part one we focus on the Security Culture Framework:

  • What is the Security Culture Framework
  • How it's applied to an organization
  • The four items of success
  • Metrics used to measure security culture

More Resources

What is security awareness?

In the refreshed edition of the Exploring Information Security (EIS) podcast, I talk to Amanda Berlin AKA @Infosystir about security awareness. 

Amanda was charged with setting up a security awareness program for her company from scratch. Setting up a security awareness program is hard work, making it effective is even harder, but Amanda rose to the challenge and came up with some creative ways to help fellow employees get a better handle on security.

In this interview we cover:

  • What is security awareness?
  • How a security awareness program should be implemented.
  • What does an effective security program look like?
  • How do you measure the effectiveness of a security awareness program