In a conversation related to my recent blogpost, How can we improve security culture, if security awareness training programs are…
20/11/2018 Read more
Risk and Security
Security awareness and security culture must be measured in order to understand and manage change. The security awareness industry has never been able to provide independent measures of the effectiveness of training programs.
16/11/2018 Read more
A long-held belief in security exists that views humans as the weakest link. The trend has been backed by social…
11/07/2018 Read more
From a risk management perspective, the question we really need to ask (and be able to measure) is: To what extent does the culture enable or inhibit responsible risk taking?
03/07/2018 Read more
Given that the root cause of almost every security incident recorded can be attributed to human error, it follows that…
29/06/2018 Read more
Given that 95% of all cybersecurity incidents can be attributed to human factors, how can we control those human factors…
12/06/2018 Read more