Home to Geordie Stewart's blog on information security awareness, risk communication and security ethics.

Risk Intelligence
Information Security Awareness

Getting Permission To Use HaveIBeenPwned From Your Legal Dept

When people use their work email addresses to register for external websites it causes a security risk because so many people reuse the same password for all their accounts. When an external account is breached and the password is disclosed it means that our internal systems could be at risk as well as other external…

4th April 2018 | Blog, Security Awareness | By Geordie

Rumor Has IT: How Fake News Damages Cyber Security

We’re struggling to manage cyber security risk. Partly it’s because attackers are more agile than defenders. But it’s also because we struggle to get accurate information to make good risk management decisions. To make good risk management decisions we need to understand who the threat actors are, their capabilities, how likely it is that we…

7th June 2017 | Blog, Risk Psychology, Security Awareness, Trust | By Geordie

The Craziest Information Security Stories Of 2016

It’s been a huge year for information security in the public eye. Security was constantly in the news and has popped up in ways we never expected. Who could have guessed that phishing attacks and a private email server would help derail a US presidential campaign? We had Apple vs the FBI. Much like the…

11th February 2017 | Blog, Privacy, Security Awareness, Surveillance | By Geordie

Five Minutes With Lance Spitzner

This month I caught up with Lance Spitzner, Director of SANS Securing The Human. Lance has over 20 years of security experience in cyber threat research, awareness and training. He invented the concept of honeynets, founded the Honeynet Project and has published three security books. Lance has worked and consulted in over 25 countries and helped more than 350 organizations plan, maintain…

25th October 2016 | Blog, Security Awareness | By Geordie

Baby Steps

There’s great news in the quest for improving security awareness. Help is at hand from a new joint publication from the Research Institute in Science of Cyber Security (RISCS), Hewlett Packard Enterprise (HPE) and CESG – the UK government’s National Technical Authority for Information Assurance. Awareness Is Only The First Step is a superb précis of best…

1st February 2016 | 1 Comment | Blog, Security Awareness | By Geordie

The Security Advice Magic Quadrant

The challenge of how we structure, analyse and select the security advice we deliver to end users has been a reoccurring topic in this column. We can’t provide unlimited advice to unlimited people so we need to prioritise. Costs need to be understood. We need to consider not just the displacement of productive activities for…

3rd January 2016 | Blog, Security Awareness | By Geordie

Security Awareness in 2015

It’s been a huge year for security awareness. Terrorist attacks, corporate security breaches and ongoing concerns about government surveillance have meant that people are more aware of information security than ever before. Everyone from politicians to pensioners has been talking about who has access to their data. The beginning of the year saw a lively…

17th December 2015 | Blog, Privacy, Security Awareness, Surveillance | By Geordie

Security Awareness Tips From A Social Engineer

Exploiting human firewalls through social engineering is an increasingly popular method of attack. Recently, a hacker has claimed that they compromised CIA Director John Brennan’s email by tricking a Verizon employee into divulging details of his account. These human exploits are likely to get worse as technical controls improve and organizations continue to liberalize their…

6th November 2015 | Blog, Security Awareness | By Geordie

What the TJ Hooper Case Means for Security Awareness

For those not familiar with the case, TJ Hooper was a landmark in tort law that established an important standard for negligence. The case was heard in 1932 to assign liability for a lost cargo. A tug towing the cargo on a barge had set to sea in good weather but later that night there…

1st October 2015 | Blog, Security Awareness, Security Economics | By Geordie

7 Habits of Highly Successful Security Policies

Security policies are a great opportunity to influence behaviour. Unfortunately, for a variety of reasons they’re not usually as effective as they could be. Despite our efforts to sell the value of information security, actually reading a policy is less popular than a fart on a plane. There’s a reason that a security policy has…

1st September 2015 | Blog, Security Awareness, Security Metrics | By Geordie
Copyright © 2015 Risk Intelligence Ltd.