Archive of all posts about Cybersecurity Training by Professor Daniel J. Solove for his blog at TeachPrivacy, a privacy and security training company.
I recently created a new resource page — How to Make Security Training Effective. The page contains my advice for how to make security training memorable and effective in changing behavior. Training the workforce is an essential way to protect data security, but not all training endeavors are successful. Poor training is akin to shouting […]
What laws require security awareness training? What topics do the laws require to be covered? What should be covered? How frequently should training be given? I recently created a new resource page — Security Awareness Training FAQ — to answer the above questions and more. I discuss various legal and industry requirements for security awareness […]
I created a new poster about information security training, which is debuting at the RSA conference. This poster is based on the fact that the vast majority of information security incidents and data breaches occur because of human mistakes. Information security is only in small part a technology problem; it is largely a human problem. […]
I created some new training programs last year, and here are some of the highlights: The Ransomware Attack (~5 mins) This short program (~5 minutes) consists of an interactive cartoon vignette about malware. The program is highly interactive, and trainees engage with a scenario involving ransomware. Although this program involves ransomware, the lessons it teaches […]