https://www.davidfroud.com/the-ceo-cybersecurity-challenge/
By David Froud
Froud on Security
June 24, 2019
It is with thanks to Chad Loder that I write this blog. His post on
LinkedIn made me laugh out loud and is what inspired me to propose the CEO
Cybersecurity Challenge (#ceocybersecuritychallenge). The very simple post
was:

From: Security Team
To: All Employees
Subject: Security Awareness Training

To opt out of this year’s security training, click here.

Security experts will instantly see the simple genius of this social
engineering tactic. In just 10 words you get:
1. Proof that the CEO doesn’t care [enough] about security – The CEO is
ultimately responsible and accountable for the culture of an
organisation. If the security culture is piss-poor, it’s their fault
and no one else’s;
2. An understanding of which employees [likely] care little for security –
if they go out of their way to AVOID taking security training, that’s
bad;
[...]