Oct 042012

By Dominic Vogel at TechRepublic.com…

Over the past several months, since notable security professional Dave Aitel proclaimed that security awareness was a complete waste of time, much has been written both for and against his arguments. I am not going to bother to add to the litany of articles. Regardless of your opinion about security awareness as a risk mitigating control, all information security professionals should be capable of at least describing, at a high-level, the concept of security awareness. Picture this scenario: you are tasked with talking about security awareness with your business colleagues. One stipulation – you have only five minutes to deliver your message. So other than constructing a machine to slow down time, how would you attempt to effectively describe security awareness in 300 seconds? My approach: take out all the techno-babble and appeal to people’s common sense.

via Five-minute security: The elevator pitch | TechRepublic.

 Posted by at 10:00 am

 Leave a Reply

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong>



This site uses Akismet to reduce spam. Learn how your comment data is processed.