Best practices

Celebrate Data Privacy Day by Sharing These Free Resources!

January 28, 2019 // By: Jeff Peters

Data privacy tends to be viewed through a negative lens — massive data breaches, fines from government watchdogs and stories of lost customers. But when done right, it can become a story of empowering people and organizations to respect privacy, safeguard data and enable trust. We want to keep that positive message going all year long with these free, shareable resources.

[Free Guide] 12 Best Practices for Effective Security Awareness Training

September 13, 2018 // By: Megan Sawle

A new study from Osterman Research confirms what you already suspected: phishing attacks are on the rise, and despite advanced security controls, more and more malicious emails are hitting end users’ inboxes. Learn how you can prepare your workforce for this growing threat with Osterman’s free guide: 12 Best Practices for Implementing Security Awareness Training.

Lessons from Masters of Persuasion: Customization is Key

March 6, 2019 // By: Megan Sawle

As security awareness practitioners, we need to be better than criminals at influencing our employees’ behavior. Just like digital marketing, customization is key. This means tailoring your training and awareness program by employee role, responsibility and access to boost program effectiveness.

5 Best Practices to Harden Your Human Firewall

November 7, 2018 // By: Tyler Schultz

When building your human firewall through security awareness training, incremental gains are important. Following a few best practices can help you stack your incremental gains and strengthen your human firewall. We were delighted to speak with Forrester senior analyst Nick Hayes about best practices to harden your human firewall.

Why you should run your security awareness program like a marketer

April 16, 2019 // By: Tyler Schultz

Learn how security professionals can adopt basic marketing principles to transform an otherwise routine and easily dismissed security training program into a campaign that employees actually want to engage with.

How to build security awareness & training to NIST standards

June 10, 2019 // By: Tyler Schultz

Review NIST’s cybersecurity training resources and guidelines and explore how you can use Infosec IQ to not only follow NIST recommendations, but also prepare your workforce for the cybersecurity threats they face.

Should repeat offenders be sent to maximum security?

July 29, 2019 // By: Lisa Plaggemier

If you listen regularly to the repeat offender buzz, eventually you’ll hear from those who believe disciplinary actions are the best response. In my current role working for a security education provider, I’m in frequent contact with a remarkable community of peers from other companies. We all agree on the best thing to do with repeat offenders: help them.

Don’t Let Your Crisis Response Create a Crisis

January 15, 2019 // By: Jeff McCollum

We’ve all seen the headlines about massive corporate cybersecurity breaches. Smart business leaders understand the terrible damage that can be inflicted on their organization’s brand and reputation by a botched response to a security incident. But if your organization does become a breach victim, you'll need a crisis response plan. Here are a few tried and true tips.

If your employees aren’t learning from your security training, are you really teaching?

May 3, 2019 // By: Tyler Schultz

Delivering the information your employees need to stay cybersecure doesn’t guarantee they will retain the knowledge or adopt good security habits. If your employees aren’t learning, how can you improve your teaching? What can you do to engage employees, inspire them to change their behavior and, ultimately, keep your organization secure?

7 Research-Backed Tips to Improve Your Security Awareness Training

December 7, 2018 // By: Tyler Schultz

We love talking to clients and security practitioners about what’s working at the ground level of their security awareness programs. However, sometimes it’s helpful to take a step back and look at the security awareness space from a research data perspective. We spoke with Michael Osterman from Osterman Research to dig into 7 research-backed tips to improve your security awareness training.

5 Steps to Building a Cyber-Aware Staff

October 10, 2018 // By: Tyler Schultz

Preventing cybersecurity attacks at your organization takes more than technical efforts. It requires a cyber-aware staff and a culture of security awareness to keep your organization safe. The biggest question is: How can you build a cyber-aware staff?