I think that the comments were far more instructive than the article itself.
*>>I'll admit, it's hard to find broad statistical evidence that supports this point-of-view* I've seen marked improvement in internet behavior in 3 different organizations where I was able to implement security awareness training. We went from more than 60% clicking on things they shouldn't, to less than 5% based on monthly testing. This had a very tangible benefit in security remediation, which saved tons of time and effort. I submit that if your security awareness training isn't working, then it's the specific implementation of training that should be evaluated, not the entire concept of training. * * *ASB* *http://XeeMe.com/AndrewBaker* *Harnessing the Advantages of Technology for the SMB market… * On Wed, Jul 18, 2012 at 3:43 PM, Kurt Buff <[email protected]> wrote: > I must say, I have to agree, for most business cases > > > > http://www.csoonline.com/article/711412/why-you-shouldn-t-train-employees-for-security-awareness > > > OTOH, I don't think you have much alternative when dealing with family > and friends - training is pretty much all there is. > > Kurt > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to [email protected] with the body: unsubscribe ntsysadmin
