Questions tagged [awareness]
The awareness tag has no usage guidance.
26 questions
4 votes, 2 answers, 368 views
How concerned should we be about RFID skimming?
I've heard/read several pentesting stories where the pentesters clone RFID badges. I've also seen some articles saying RFID skimming is a negligibly small problem. The RFID skimming I'm talking about ...
2 votes, 1 answer, 343 views
Hacking demonstration
We are thinking about giving a live awareness demonstration in the company I work for. The general idea is to show the users how they can be hacked while connected to a public Wi-Fi spot such as a ...
2 votes, 3 answers, 279 views
How should security user training be provided when implementing a company BYOD strategy?
Our company is implementing a BYOD policy. I am working with management to draft end user training guidelines / standards as senior member of the Information Security team. Our company is in a ...
2 votes, 0 answers, 142 views
How to force employees to complete security awareness quiz? [closed]
The idea is that when a user logs in to a PC (Windows 10), he should be forced to complete a quiz before he can start work.
These are company-owned laptops.
The quiz will be a few questions short, shown ...
21 votes, 3 answers, 3k views
Should corporate security training be tailored based on a user's job role?
I work in the Information Security team at my workplace. We work in the insurance and healthcare industry and work frequently with customer credit card, financial, and private health data.
Today I ...
7 votes, 4 answers, 425 views
Why should small and medium-sized businesses care about security?
Pretext
I'm not a security expert, just a web dev with an interest in "security".
I've been tasked by my employer with giving an internal talk on security (specifically web application security) and ...
1 vote, 3 answers, 387 views
Why are data breaches like the one at Quora considered so bad?
Today, I read this article that said that some hacker stole personal information of 100 million users of Quora — which allegedly is half of the total user base of Quora. This is kind of like when ...
2 votes, 3 answers, 153 views
How can I focus on the positive side of information security to create awareness?
I would like to know how I can create a healthy and positive environment for information security. Due to some mistakes, this is not the case at the moment at the company I am at.
I am an intern at ...
16 votes, 8 answers, 3k views
How to make people report incidents?
I would like to know how you make employees report incidents. Incident reports are a key element of an ISMS. No reports = No discovery of the incident = High chance things go out of control.
We have ...
6 votes, 2 answers, 818 views
How to explain importance of security & privacy to a layman? [duplicate]
Often I come across people who don't understand the importance of security or privacy. They are careless and many times they will quote some nonsense, like: 'I have nothing to hide...' etc.
What is ...
5 votes, 1 answer, 327 views
Is it wise to show the "e-mail has been scanned by XYZ antivirus" in e-mails footer? [closed]
It is a common practice to append the "antivirus footers" to emails, e.g.:
Scanned by ClamAV
or
This email has been scanned by the XYZ Email Security service
There are many opinions about it, ...
0 votes, 2 answers, 186 views
Efficiency of end-user training
I have read a lot on the topic of enforcing end-user security training, such as how to spot a phishing email for example. Even enforced training, such as conferences or videos that the end-user must ...
2 votes, 1 answer, 230 views
How could we provide certainty to users that education material on phishing, isn't phishing itself?
This is a problem that has been bothering me somewhat.
I am able to run a phishing simulation campaign against users across the organisation. If the user clicks on a bad link they are directed and ...
68 votes, 7 answers, 5k views
Which topics should a security training for non-IT persons contain?
(I am not sure, if this question fits the security.stackexchange-board, but the list of askable topics does not exclude this question imho and there are some examples)
I've worked for several ...
3 votes, 1 answer, 291 views
Best way to prevent phishing by turning off HTML links
Phishing attacks are very common nowadays. Innocent victims click on suspicious links in emails and get infected. I know that to prevent phishing, one of the ways is to educate users on the proper ...