Abstract
Security awareness programs are wonderful: managers wonder why users fail password audits, awareness trainers wonder why they have to constantly remind people not to reuse their passwords for different accounts, and users wonder why they have to sit through yet another presentation telling them to craft unique passwords for each account. The information in a typical security awareness program is often well-known, yet organizations still have to deal with the very real risks that result from people not following or understanding the awareness material.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
References
Dave Aitel. Why you shouldn’t train employees for security awareness. CSO Online, July 2012. http://www.csoonline.com/article/2131941/security-awareness/why-you-shouldn-t-train-employees-for-security-awareness.html .
Oliver Rochford. Security awareness training: It’s the psychology, stupid! Security Week, September 2012. http://www.securityweek.com/security-awareness-training-its-psychology-stupid .
Ponnurangam Kumaraguru; Yong Rhee; Steve Sheng; Sharique Hasan; Alessandro Acquisti; Lorrie Cranor; Jason Hong. Getting users to pay attention to anti-phishing education: Evaluation of retention and transfer. Technical report, Carnegie Mellon University, 2007.
SANS. 2015 security awareness report. Technical report, SANS Securing The Human, 2015. http://www.securingthehuman.org/media/resources/STH-SecurityAwarenessReport-2015.pdf .
Samantha Manke; Ira Winkler. The habits of highly successful security awareness programs: A cross-company comparison. Technical report, Secure Mentem, 2012. http://www.securementem.com/wp-content/uploads/2013/07/Habits_white_paper.pdf .
Sean Gallagher. DHS infosec chief: We should pull clearance of feds who fail phish test. Ars Technica, September 2015a. http://arstechnica.com/security/2015/09/dhs-infosec-chief-we-should-pull-clearance-of-feds-who-fail-phish-test/ .
Taylor Armerding. Millennials becoming known as Generation Leaky. CSO Online, February 2015. http://www.csoonline.com/article/2884638/security-awareness/millennials-becoming-known-as-generation-leaky.html .
Tim Greene. Phishing scams dupe the most active online users. Network World, April 2011. http://www.networkworld.com/article/2201901/malware-cybercrime/phishing-scams-dupe-the-most-active-online-users.html .
Author information
Authors and Affiliations
Rights and permissions
Copyright information
© 2017 Jordan Schroeder
About this chapter
Cite this chapter
Schroeder, J. (2017). Challenges Faced by Organizations. In: Advanced Persistent Training . Apress, Berkeley, CA. https://doi.org/10.1007/978-1-4842-2835-7_1
Download citation
DOI: https://doi.org/10.1007/978-1-4842-2835-7_1
Published:
Publisher Name: Apress, Berkeley, CA
Print ISBN: 978-1-4842-2834-0
Online ISBN: 978-1-4842-2835-7
eBook Packages: Professional and Applied ComputingProfessional and Applied Computing (R0)Apress Access Books