Sort By :
Date
Relevance
DEPARTMENTS
HOME
TOP STORIES
DATA CENTER NEWS
EVENTS CALENDAR
RESOURCE CENTER
RSS
ADVERTISE
ON THE WEB
SITE MAP
PRIVACY POLICY
CONTACT US
REPORT A BUG
BZ MEDIA
ABOUT US
NEWS
BZ RESEARCH
SD TIMES
SPTECHCON
Printable version
AS OF 9/6/2010 3:11AM EST
The Greatest Security Flaw Is People, Stupid
By
Alex Handy
April 18, 2008 —
Five years ago, Winn Schwartau decided that network security was pretty much a solved problem. Sure, there are still many potentially debilitating attacks that can’t be blocked, and a determined attacker is still the most dangerous of threats. But Schwartau saw a much more significant hole in enterprise security: the minds of its employees.
That’s why Schwartau founded SCIPP, a non-profit organization that trains and certifies non-technical users. Schwartau’s programs favor engaging speakers and a flair for entertainment and humor, rather than simply threatening the users with punishments for not following security guidelines.
“There are techniques for measuring the security awareness knowledge base. In advertising they do the same thing. They measure and gauge response through feedback mechanisms and market testing,” said Schwartau. “We do the same thing with SCIPP. It’s not just sending out one e-mail a year. It’s an ongoing campaign based upon impressions.”
Schwartau took issue with traditional security classes for non-technical users. “The difference is they go, ‘Thou shalt not do this.’ An enterprise worker goes to work and doesn’t care about policies. He cares about getting a paycheck. What he does care about is protecting his family. I can teach you how to protect your kids and how to protect your identity, then I said, ‘By the way, this is all we want you to do at work.’ Instead of HIPAA, we might call it you personal info. Instead of Sarbanes, we use your credit card number,” said Schwartau, describing typical examples of data he teaches to protect.
Schwartau’s non-profit, SCIPP, performs classes around the US and can be found online at
www.scippinternational.org
.
Related Search Term(s):
Security
Share this link:
http://www.sysmannews.com/link/32053
EMAIL THIS ARTICLE
SEND FEEDBACK
MORE TOP STORIES
FACEBOOK
Share on Twitter
del.icio.us
 
 
Get Notified about the latest Systems
Management Resources!
Subscribe to SharePoint Tech Report
ADVERTISER LINKS
Altova
APC
Avocent
AVTECH Software
Coyote Point
DNSstuff
dtSearch
EventSentry (Netikus)
GroundWork Open Source
Idera
KACE
Lieberman Software
LinMin
Microsoft
NetApp
PowerGadgets
Raritan
Red Gate Software
Rose Electronics
Sanbolic
SolarWinds
Special Operations Software
SQL Sentry
Sunbelt Software
Symark International
VMware
LOADING...