Here’s a cartoon I created to illustrate the importance of security awareness training. I hope you find it amusing.
Tag: Information Security Awareness Training
This blog covers privacy training, information security awareness training, and HIPAA training topics
Spot the Privacy and Security Risks Training Game
I’m pleased to announce a new training program: Spot the Risks: Privacy and Security. The program is a Where’s Waldo style risk-spotting game that takes about 5 minutes to complete. Trainees are asked to spot the risks in an office. Feedback is provided about each risk so trainees learn many of the most important best […]
Information Security Training: Focus on the Human Problem
I created a new poster about information security training, which is debuting at the RSA conference. This poster is based on the fact that the vast majority of information security incidents and data breaches occur because of human mistakes. Information security is only in small part a technology problem; it is largely a human problem. […]
New Privacy and Security Awareness Training Programs
I created some new training programs last year, and here are some of the highlights: The Ransomware Attack (~5 mins) This short program (~5 minutes) consists of an interactive cartoon vignette about malware. The program is highly interactive, and trainees engage with a scenario involving ransomware. Although this program involves ransomware, the lessons it teaches […]
Blogging Highlights 2015: Cybersecurity Issues
I’ve been going through my blog posts from 2015 to find the ones I most want to highlight. Here are some selected posts about security: The Worst Password Ever Created Should the FTC Kill the Password? The Case for Better Authentication
Boards of Directors Must Grapple with Privacy and Cybersecurity
By Daniel J. Solove Privacy and cybersecurity have become issues that should be addressed at the board level. No longer minor risks, privacy and cybersecurity have become existential issues. The costs and reputational harm of privacy and security incidents can be devastating. Yet not enough boards are adequately engaged with these issues. According to a […]
New Resource Page: Privacy and Security Training Requirements
by Daniel J. Solove I have created a new resource page for the TeachPrivacy website: Privacy and Security Training Requirements.
Why We Should Persuade and Train with Stories
By Daniel J. Solove Once upon a time, there was a teacher who wanted to train people. At first, the teacher stated a list of things to do and not do. But this had little effect. The teacher was upset and started to doubt whether he could ever get through to people. But then […]
Burn Before You Learn or Learn Rather than Burn
By Daniel J. Solove It seems as though every week brings news of another batch of data breaches . . . and they’re getting bigger. Target. Home Depot. Sony. Anthem. The list goes on and on. The costs of many of these breaches are devastatingly large. And yet most data breaches are readily preventable. After […]
The $500,000 Value of Data Security Awareness Training
by Daniel J. Solove It has long been difficult to quantify the ROI of data security awareness training. But finally, I have been able to locate a number. According to a 2014 PricewaterhouseCoopers study: “The financial value of employee awareness is even more compelling. Organizations that do not have security awareness programs—in particular, training for […]