SysManNews
  Sort By :
DEPARTMENTS
HOME
TOP STORIES
DATA CENTER NEWS
EVENTS CALENDAR
RESOURCE CENTER
  RSS
ADVERTISE
 
 
 
 
ON THE WEB
SITE MAP
PRIVACY POLICY
CONTACT US
REPORT A BUG
 
 
 
 
 
 
BZ MEDIA
ABOUT US
NEWS
BZ RESEARCH
SD TIMES
SPTECHCON
 
 
 
 
 
print Printable version 
The Greatest Security Flaw Is People, Stupid
By Alex Handy

April 18, 2008 — Five years ago, Winn Schwartau decided that network security was pretty much a solved problem. Sure, there are still many potentially debilitating attacks that can’t be blocked, and a determined attacker is still the most dangerous of threats. But Schwartau saw a much more significant hole in enterprise security: the minds of its employees.

That’s why Schwartau founded SCIPP, a non-profit organization that trains and certifies non-technical users. Schwartau’s programs favor engaging speakers and a flair for entertainment and humor, rather than simply threatening the users with punishments for not following security guidelines.

“There are techniques for measuring the security awareness knowledge base. In advertising they do the same thing. They measure and gauge response through feedback mechanisms and market testing,” said Schwartau. “We do the same thing with SCIPP. It’s not just sending out one e-mail a year. It’s an ongoing campaign based upon impressions.”

Schwartau took issue with traditional security classes for non-technical users. “The difference is they go, ‘Thou shalt not do this.’ An enterprise worker goes to work and doesn’t care about policies. He cares about getting a paycheck. What he does care about is protecting his family. I can teach you how to protect your kids and how to protect your identity, then I said, ‘By the way, this is all we want you to do at work.’ Instead of HIPAA, we might call it you personal info. Instead of Sarbanes, we use your credit card number,” said Schwartau, describing typical examples of data he teaches to protect.

Schwartau’s non-profit, SCIPP, performs classes around the US and can be found online at www.scippinternational.org.


Related Search Term(s): Security


Share this link: http://www.sysmannews.com/link/32053
 
EMAIL THIS ARTICLE
SEND FEEDBACK
MORE TOP STORIES


technorati icon
Share on FriendFeed
 
 
 
  Search
 
 
 
Get Notified about the latest Systems
       Management Resources!
Subscribe to SharePoint Tech Report

 
 
 
ADVERTISER LINKS

Altova 
APC
 
Avocent
AVTECH Software
 
Coyote Point
DNSstuff
 
dtSearch
EventSentry (Netikus)
 
GroundWork Open Source
Idera
 
KACE
Lieberman Software
 
LinMin
Microsoft
 
NetApp
PowerGadgets
 
Raritan
Red Gate Software
 
Rose Electronics
Sanbolic
 
SolarWinds
Special Operations Software
 
SQL Sentry
Sunbelt Software
 
Symark International
VMware
 
 
LOADING...
 
IDGTechnet