Bitching about ineffective end user training... 

Why do we continue to against the bad behaviors we use as practice? A client just trained their staff not to click on links. They are a huge docusign shop and provided the users with no tools to spot real from fake. Only “don’t click from untrusted sources.” ... every related incident I have worked lately has been a from a third party.


Bitching about ineffective end user training... 

If you are in and tow the “security is users responsibility” line, try getting off your ass and staying on point with current threats, updating your content rules, detection tech (endpoint too, not just network). Security is your primary responsibility. The user has their own job!

Sign in to participate in the conversation
Infosec Exchange

A Mastodon instance for info/cyber security-minded people.