A new 'how to' piece on eHow.com titled Information Security Awareness & Training is curiously deficient. I'm puzzled that someone who presumably feels they have expertise in the subject would write such a piece that refers almost exclusvely to technical IT security controls. There is no significant mention of human factors, nor any pragmatic help on how to plan, organize, develop, deliver, measure and maintain an infosec awareness & training program. It's so bad, I hardly know where to start criticising it.
Blog comments are welcome but, unlike eHow.com, there's no need to register your details or commit to writing more content.