Security awareness is a bit of a bitch. We know we need it, and we know that people don’t really want the typical kind of “security awareness” training under the best of times. And you can pretty-well, damn-near guarantee the last thing people want to hear about right now is a bunch of COVID-driven, mandatory […]
Why “don’t click links” is credibility-killing cybersecurity advice
A couple of days ago, Mike Johnson, who was the former CISO of Lyft, started a thread on LinkedIn about bad cybersecurity advice that must die. His contribution to the thread was the oft espoused “don’t click links” mantra of many in our industry—including some people who I respect. I have to agree with him. […]
