For years there has been a persistent and spirited debate regarding the effectiveness of information security awareness programs and whether or not they should be utilized within the enterprise.

Keeping employees committed to information security is tough. The fundamental problem is that the better our security, the less evidence we have to reinforce it. As weeks and months go by with no ...

A New Zealand consultancy called IsecT (standing for “security in IT”) runs a valuable Web site called NoticeBored that is anything but boring. IsecT CEO Gary Hinson commented wryly to me when he fact ...

During the 2016 National Cyber Security Awareness Month in October, Frederick Scholl wrote an intriguing article for CSO Magazine entitled, “Time to kill security awareness training.” Many people ...