A Logo

Feel free to include my content in your page via my
RSS feed

Help Irongeek.com pay for
bandwidth and research equipment:

Search Irongeek.com:

Affiliates:
Irongeek Button
Social-engineer-training Button

Help Irongeek.com pay for bandwidth and research equipment:

paypalpixle


10 Reasons Your Security Education Program Sucks - Kris French Jr Converge 2015 (Hacking Illustrated Series InfoSec Tutorial Videos)

10 Reasons Your Security Education Program Sucks
Kris French Jr
Turtl3Up

* _"There's no patch for human stupidity."_ * _"Training users is a waste of time and resources."_ Comments like these are not uncommon in the information security community. To that I say, "Seriously guys, it doesn't have to be this hard." Most of us would agree that our users are our weakest link - but the fact is, that's our fault, not theirs. But we can fix it together! In this talk, I'll go through the top ten reasons I've seen security education programs fail, and what you can do to avoid those pitfalls. I'm also happy to answer any questions you have about building your own security education program or upgrading your existing one.

Kris is a founder of the Cleveland-area infosec group CleveSec, as well as a board member for the Northeast Ohio Information Security Forum and an organizer for OWASP Cleveland. He does application security and security education for a software vendor in the Cleveland area where he worked to create and run its first-ever application security program.

Back to Converge 2015 video list

Printable version of this article

15 most recent posts on Irongeek.com:


If you would like to republish one of the articles from this site on your webpage or print journal please contact IronGeek.

Copyright 2016, IronGeek
Louisville / Kentuckiana Information Security Enthusiast