Stories by Ira Winkler and Samantha Manke

6 steps to win executive support for security awareness programs

In our article, "The 7 Elements of a successful awareness program," we identified the first and most critical element was obtaining C-level support. Such support is critical for the success of just about any organizational effort. Their support brings organizational buy-in and authority for your efforts. You can get other departments to support your efforts. While you will still meet some resistance, it is easier to overcome or bypass. Most importantly, you get more funding to put together a respectable awareness program.

Ira Winkler and Samantha Manke | 22 Jul | Read more

How to create security awareness with incentives

One of the reasons many security awareness programs fail is that they rely on a "push" mentality, where they force employees to take awareness training and expect or, more likely, hope that employees will seek out additional training, because it is the right thing to do. While many there are programs that do this that are successful, they are relatively rare.

Ira Winkler and Samantha Manke | 02 Dec | Read more

7 reasons for security awareness failure

There is a great dichotomy in Security Awareness. Just about all of the CSOs we talk to believe that one of their top priorities is to improve their organization's security culture -- in other words, the behavior of their users. Similarly, we see article after article and study after study talking about how humans are the primary attack vector for advanced attacks. Some studies indicate that human exploitation is the key enabler in as many as 90 percent of attacks. Buzzphrases, such as protecting and attacking "Layer 8" have emerged.

Ira Winkler and Samantha Manke | 10 Jul | Read more