Awareness, A Never Ending Struggle
By Douglas Alred
The setting is a large federal government owned facility operated by a major contractor with quite a number of sub contractor personnel also on site. All contractors and sub contractors are required to attend computer security awareness training by their federal customer. Training rosters are signed and entered into tracking to document that yes, all personnel have received the required training. This may satisfy any government and company requirements but the real test occurs every day. Will employees follow the guidance they have been given in awareness training? Below are some example scenarios that could take place.