I've been away from the blog for a few days (lots of work to do before Black Hat), but I took note of this little article from Dark Reading. This is a discussion about the value and results of training users. I have mixed feelings about it. I really believe that training users must be part of a security program. However, I must also admit that there are limits about the effectiveness of this measure. Afterall, they are humans. You can make 80% of your users avoid problems, but 20% will certainly look for them even after months of training.
Fix Users
Fix Users
Fix Users
I've been away from the blog for a few days (lots of work to do before Black Hat), but I took note of this little article from Dark Reading. This is a discussion about the value and results of training users. I have mixed feelings about it. I really believe that training users must be part of a security program. However, I must also admit that there are limits about the effectiveness of this measure. Afterall, they are humans. You can make 80% of your users avoid problems, but 20% will certainly look for them even after months of training.