Special Guests: Dave Aitel, Lance Spitzner, Javvad Malik, Dameon Welch-Abernathy (aka “Phoneboy”), SpaceRogue

Of all the topics we discussed for this episode none sparked more passionate debate than the effectiveness of end user security awareness training. On one side, its something that we must do in order to help our organization’s be resilient to attack. Users must be trained not to “click shit”, succumb to social engineering and ignore malicious behavior. On the other side of the fence, its a waste of time. Not all users will “Get it”, and the attackers may only need one user to be a victim. The threats are constantly changing, so users will need constant training, and security will just “get in the way”. Somewhere in the middle perhaps is a happy medium.

Episode 300 Show Notes

Episode 300 Part 2 (mp3)

Tune in to PaulDotCom Security Weekly TV, Hack Naked TV, and Hack Naked At Night episodes on our YouTube Channel or our Bliptv channel.

About the author

Paul Asadoorian is the Founder & CEO of Security Weekly, where the flagship show recently re-titled "Paul's Security Weekly" has been airing for over 8 years. By day he is the Product Evangelist for Tenable Network Security. Paul produces and hosts the various shows here at Security Weekly, all dedicated to providing the latest security news, interviews with the industries finest and technical how-to segments. Paul is also the founder and host of "The Stogie Geeks Show", featuring cigar reviews for cigar enthusiasts.