Here you are. You’ve done your cultural assessment, you were able to identify the holes in the organizations security awareness efforts, you modified training and created a 12 month content plan to fix this. It’s time to sit back, and see some real user behavior change right? Quick question: How do you know that your plan worked? Are users reporting more issues to the help desk? Are people more able to identify phishing emails? Are users retaining the information from annual …

Read more »

Making good content is hard and easy to mess up. This is evident with the loads of boring training videos, out dated posters, and cheesy slogans slapped on a mouse pad. But don’t fret, just because it’s hard, doesn’t mean it’s impossible. Making good content is all about asking the right questions before hand. What content needs to be made? What are the different options? What should be used in tandem? What can be used in place of other things? …

Read more »

Now that we know how to effectively pair a problem behavior with a solution, what happens when the problem behavior is the product of more than one reason? For example, several organizations identify ‘falling for phishing attacks’ as one of the biggest problems they have with users in their organization. A cultural assessment reveals that not only do several users have a hard time identifying the ever changing phishing emails, but they also don’t see them as very dangerous, and …

Read more »

Last month we talked about how to create a successful security awareness organization architecture by first assessing the culture. More specifically, in order to change behaviors you first need to (a) identify the key problem behaviors, (b) find out why they are occurring, and (c) identify the holes in the current training. Simply put, you need to know your organizations culture specific problem before you can do anything about them. So what’s next? Well now that you know the what, …

Read more »

The process of evaluating and changing an organizations user behavior can be a large and daunting task –similar to looking at a picture of the milk-way galaxy with the task of counting the rings around all the planets- but rest assured it can be broken down into a very simple process to follow. Over the next few weeks I will talk about how to identify key behaviors through assessment of an organizations culture, how to identify what about that culture …

Read more »