PRIVACY + SECURITY BLOG

News, Developments, and Insights

high-tech technology background with eyes on computer display

Passwords Cartoon – Security Awareness Training

Cartoon Passwords - TeachPrivacy Security Awareness Training 01

Here’s a cartoon I created to illustrate the importance of security awareness training.  I hope you find it amusing.

Spot the Privacy and Security Risks Training Game

Spot the Risks Privacy and Information Security Awareness Training

I’m pleased to announce a new training program:  Spot the Risks: Privacy and Security. The program is a Where’s Waldo style risk-spotting game that takes about 5 minutes to complete.  Trainees are asked to spot the risks in an office.  Feedback is provided about each risk so trainees learn many of the most important best […]

Information Security Training: Focus on the Human Problem

Information Security Awareness Training Plan B

I created a new poster about information security training, which is debuting at the RSA conference.  This poster is based on the fact that the vast majority of information security incidents and data breaches occur because of human mistakes.   Information security is only in small part a technology problem; it is largely a human problem. […]

New Privacy and Security Awareness Training Programs

security awareness training

I created some new training programs last year, and here are some of the highlights: The Ransomware Attack (~5 mins) This short program (~5 minutes) consists of an interactive cartoon vignette about malware.  The program is highly interactive, and trainees engage with a scenario involving ransomware. Although this program involves ransomware, the lessons it teaches […]

Blogging Highlights 2015: Cybersecurity Issues

Cybersecurity Training

I’ve been going through my blog posts from 2015 to find the ones I most want to highlight.  Here are some selected posts about security: The Worst Password Ever Created Should the FTC Kill the Password? The Case for Better Authentication

Boards of Directors Must Grapple with Privacy and Cybersecurity

By Daniel J. Solove Privacy and cybersecurity have become issues that should be addressed at the board level. No longer minor risks, privacy and cybersecurity have become existential issues. The costs and reputational harm of privacy and security incidents can be devastating. Yet not enough boards are adequately engaged with these issues. According to a […]

New Resource Page: Privacy and Security Training Requirements

by Daniel J. Solove I have created a new resource page for the TeachPrivacy website:  Privacy and Security Training Requirements.

Why We Should Persuade and Train with Stories

By Daniel J. Solove   Once upon a time, there was a teacher who wanted to train people. At first, the teacher stated a list of things to do and not do. But this had little effect. The teacher was upset and started to doubt whether he could ever get through to people. But then […]

Burn Before You Learn or Learn Rather than Burn

By Daniel J. Solove It seems as though every week brings news of another batch of data breaches . . . and they’re getting bigger. Target. Home Depot. Sony. Anthem. The list goes on and on. The costs of many of these breaches are devastatingly large. And yet most data breaches are readily preventable. After […]

The $500,000 Value of Data Security Awareness Training

by Daniel J. Solove It has long been difficult to quantify the ROI of data security awareness training. But finally, I have been able to locate a number. According to a 2014 PricewaterhouseCoopers study: “The financial value of employee awareness is even more compelling. Organizations that do not have security awareness programs—in particular, training for […]