Welcome to NBlog, the NoticeBored blog

I may meander but I'm exploring, not lost

Aug 31, 2013

Application security awareness module




In the dying days of August, just as we were busily finishing-off September's awareness module on application security, what should pop on to my screen but a new survey from Ponemon Institute on that very topic.  With some trepidation, I opened the report to see how its findings compared to our own research ... and was relieved to see that we had picked up on all seven of Ponemon's key issues, plus a few more due to our slightly wider scope.  

Does your security awareness and training program cover the information security aspects of application development, acquisition, management and use?  Does it even mention mobile apps, BYOD and cloud computing?  Go ahead, dust it off and take a look.  Does it talk to business and project managers, IT pros and employees in general about relevant security aspects that matter to them, in terms that make sense and resonate?  Does it successfully prompt a productive dialogue between executives and practitioners concerning application security risks and controls?  Does it highlight topical issues, pull up the latest research and thinking, capture employees’ imagination, and most of all motivate them to behave more securely?  If you catch yourself muttering “No” through gritted teeth, wishing that you had the time to do all that and more, find out what NoticeBored can do for you.  

Application security is one of over forty infosec topics in our awareness portfolio, while avoiding even a single serious application security incident will more than justify the annual subscription.  Security awareness is what we do - what we have done for over a decade in fact.  It's our passion.

Regards,
Gary (Gary@isect.com)