Educause Security Discussion mailing list archives
Re: End-user Awareness Baseline(s)
From: Valdis Kletnieks <Valdis.Kletnieks () VT EDU>
Date: Fri, 30 Aug 2013 22:58:35 -0400
On Fri, 30 Aug 2013 11:25:07 -0400, "Eckrote, Jennifer" said:
We are rethinking our Targeted Awareness efforts, but we want to conduct an "End-user pre-assessment" - basically a baseline - so we can figure out which areas of Security Awareness need to be the focus.
At the risk of sounding snarky, but I've always worried that actually knowing the answers to those sort of questions would lead to heavy drinking on the part of the security team, which I admit not being an official part of - the org chart says I do network storage, backup, and punditry(*). Anecdotal evidence suggests that the only reason we're not more heavily phished than we are is because we have a large number of users who are unable to fill out the phish successfully. And after 3 decades in the business, I'm totally unsure of the above paragraph needs a :) or a :( on it. (*) OK.. Maybe I stretched the job description just a tad on "punditry" :)
Attachment:
_bin
Description:
Current thread:
- End-user Awareness Baseline(s) Eckrote, Jennifer (Aug 30)
- Re: End-user Awareness Baseline(s) Ben Woelk (Aug 30)
- Re: End-user Awareness Baseline(s) Valerie Vogel (Aug 30)
- Re: End-user Awareness Baseline(s) Valdis Kletnieks (Aug 30)
- Re: End-user Awareness Baseline(s) Ben Woelk (Aug 30)