In an earlier post, I spent some time talking about the recent contention that has arisen around the value of security awareness training. While my leanings tend to advocate the value of true (note word :) ) education, training, and awareness my major concern re: the current debate is that it tends to be absolutist -- i.e., either we focus on education and training or we pour our dollars into improving technology. In a recent article published in CSO Online, Geordie Stewart points out what should be obvious to us all: that there is room for improvement in both awareness and technology -- and that we need to be careful lest we allow our zealotry to blind us to the legitimate criticisms on both sides of the issue. Well worth a read. You can find a link to the article here.
No comments:
Post a Comment