Blog

Getting your employees to care about security is hard. Not only does security feel irrelevant to them, but they’d much rather be doing their job than going through security awareness training exercises. Video lectures, lengthy quizzes, and brown bag lunch trainings are what paint an image of security in your employees’ minds — and it...Read More

Salespeople aren’t generally active participants at security conferences and it really shows in how some companies try to sell their products. Without understanding the pain points and inner workings of those doing security on a day-to-day basis, it makes it really hard to understand how a product can fit in. However, I had the opportunity...Read More

It’s no secret that without a good internal security awareness brand, building a security culture is next to impossible. A good brand can open doors internally and reduce friction when creating new security campaigns. It can be the difference between being tolerated and being loved as a business partner. But how do you create and...Read More

National Cyber Security Awareness Month (NCSAM) is right around the corner, and every year I find myself thinking of ways to maximize the unique opportunity this month brings. The momentum behind NCSAM provides support for engagement programs that might otherwise be hard to come by. This support can come in the form of resources, executive...Read More

Since our April release of Hacker’s Mind, we’ve been hard at work on a brand new feature that we’re excited to share with you today: Engagement Platform.   Creating a good security training program is half the equation, the other half is being able to easily manage it. With the release of our new Engagement...Read More

Photo credit: Laura Buitrago   This past Saturday, I was lucky enough to be given the chance to give a talk7 at the Day of Shecurity conference ― what’s a “talk7”? That’s seven 45 minute presentations ?. While it’s still fresh in my mind, I wanted to jot down my thoughts on the day. It...Read More

You roll out a brand-new phishing test to your users, the results start to come in…and they’re worse than the last test. What happened? You’ve educated them about phishing, regularly alert them of new attacks, yet it seems they’re still not getting it…or are they? Phishing tests can serve two purposes- education on the latest...Read More

Changing jobs is tough! It’s a high-pressure situation with lots of ambiguity and expectations of the candidate, yet hardly any transparency about what the candidate can expect. I’ve been there, too. I’ve been verbally offered roles right after I interview, and then three weeks later the company hasn’t given me paperwork yet. I’ve had cases...Read More

Working as a security practitioner for nearly a decade now,  I’ve been able to talk to employees at all ranks of an organization about the importance of security. In those conversation, I was often struck by how different the discussions with someone who “got security” were as opposed to someone who totally “didn’t get it.”...Read More