top of page

Why Security Awareness Alone Won’t Stop Hackers

On one level, I agree with the general premise of this article in that certain attack vectors cannot be addressed by better end user awareness training alone.  The very nature of a “low and slow” attack is deceptive and difficult to defend against, but their are methods to address it including close monitoring of critical systems using a baseline system function approach.  That said, awareness training remains vital and still effectively defends against many of the most successful attack vectors including social engineering and access control compromises.


Recent Posts

See All

Rethinking Software in the Organizational Hierarchy

I very much enjoyed this article from Pieter Danhieux via Dark Reading and this creative approach to the management of applications and hierarchical security. The concept of least privilege and the d


bottom of page