Information Security News mailing list archives
The CEO Cybersecurity Challenge
From: InfoSec News <alerts () infosecnews org>
Date: Wed, 26 Jun 2019 07:53:20 +0000 (UTC)
https://www.davidfroud.com/the-ceo-cybersecurity-challenge/ By David Froud Fround on Security June 24, 2019It is with thanks to Chad Loder that I write this blog. His post on LinkedIn made me laugh out loud and is what inspired me to propose the CEO Cybersecurity Challenge (#ceocybersecuritychallenge). The very simple post was:
From: Security Team To: All Employees Subject: Security Awareness Training To opt out of this year’s security training, click here.Security experts will instantly see the simple genius of this social engineering tactic. In just 10 words you get:
1. Proof that the CEO doesn’t care [enough] about security – The CEO is ultimately responsible and accountable for the culture of an organisation. If the security culture is piss-poor, it’s their fault and no one else’s; 2. An understanding of which employees [likely] care little for security – if they go out of their way to AVOID taking security training, that’s bad; [...]
-- Subscribe to InfoSec News https://www.infosecnews.org/subscribe-to-infosec-news/ https://twitter.com/infosecnews_
Current thread:
- The CEO Cybersecurity Challenge InfoSec News (Jun 26)