Re: End-user Awareness Baseline(s)

[Valdis Kletnieks <Valdis.Kletnieks () VT EDU>]

On Fri, 30 Aug 2013 11:25:07 -0400, "Eckrote, Jennifer" said:
> We are rethinking our Targeted Awareness efforts, but we want to conduct an
> "End-user pre-assessment" - basically a baseline - so we can figure out
> which areas of Security Awareness need to be the focus.

At the risk of sounding snarky, but I've always worried that actually knowing
the answers to those sort of questions would lead to heavy drinking on the part
of the security team, which I admit not being an official part of - the org
chart says I do network storage, backup, and punditry(*).  Anecdotal evidence
suggests that the only reason we're not more heavily phished than we are is
because we have a large number of users who are unable to fill out the phish
successfully.

And after 3 decades in the business, I'm totally unsure of the above
paragraph needs a :) or a :( on it.

(*) OK.. Maybe I stretched the job description just a tad on "punditry" :)

Attachment: _bin
Description: