Humans are the most hackable item in the information systems bus. We can patch and anti-virus and firewall ourselves stupid, but one human clicking still trumps all that.
Pete Herzog has a seminar called “Smarter Safer Better” (see http://www.isecom.org/seminars.html), a title that eerily presages this recent DarkReading article (thanks to Herbbie), When Will End Users Stop Being Fooled By Online Scams?” at http://www.darkreading.com/security/attacks-breaches/240002116/when-will-end-users-stop-being-fooled-by-online-scams.html.
So when author Tim Wilson poses this question…
Despite millions of dollars in security tools and hours of awareness training, many organizations still find themselves breached by phishing and old-school social engineering attacks. Is there a way to build a better, smarter user?
…I can at least say I do know of one proven effective training. Proven effective humans, on the other hand, are very hard to find.