Cat Massage and Security Awareness
April 12, 2011
A friend posted an awesome video on Youtube today.
Unfortunately, it reminded me of far too many of the security awareness videos I’ve seen in the past few years – entirely focused on the message and without any real thought about the presentation. The goal of your security awareness campaign isn’t to end up on Everything Is Terrible. It’s to change the behavior of your users.
Let me ask you… did that video make you want to run out and massage your cat? Or let that lady within 100 yards of your cat?
I’d encourage you to ask the same question about your users and security awareness… do the videos you’re showing your users actually make them want to DO something? If not, you’re wasting time, money and effort….
People Aren’t Puppies
October 25, 2010
Mike Murray, Managing Partner of MAD Security and lead instructor of The Hacker Academy has been on a speaking rampage and from the looks of it things will continue that way for a while. Last week Mike followed a talk given by the President’s White House Cybersecurity Coordinator Howard Schmidt. They spoke to about 300 people at the first TSA (Transportation Security Administration) Cyber-Security Summit. There were people from TSA, other government agencies as well as corporations within the transportation industry, railroads, airlines… Social Penetration was the topic of Mike’s talk mixed with security awareness, the good, the bad and the ugly. To sum it up people are not puppies and such don’t deserve to be treated that way. Question to ask when working on security awareness within your organization…how do we know if what we are doing is working. If you are lucky enough to hear Mike’s talk you will have that answer 
MAD is Hiring
April 25, 2010
The beauty of being a small but fast-growing security consulting firm is that I get the opportunity to hire awesome people often. We really like hiring super-stars either as W2 employees or 1099 contractors.
Right now, we’ve got some openings that we need to fill somewhat quickly:
Check these out – if you think you might be a fit for them (or for any other position that we haven’t listed), send us an email as described on the application page.
Hello world!
January 18, 2010
And welcome to MAD Security. It seems that I’ve done this a few too many times now – starting the nCircle blog, the Neohapsis Labs blog and others.
And, now, I’m writing the first blog entry at our new company, MAD Security.
Those that are used to working with us will notice all the same things that you’re used to – brilliant staff, project management discipline and a commitment to solving the real problems that our clients have.
But you’ll probably also notice some new things. We’re going to be more active in the market and more active in the industry. We’ll work with more partners and vendors. (But only those who share our commitment to doing the right things and, as my friend Sheldon says, “raise the bar” on getting this industry where it’s supposed to go.) And we’re going to be relentless in our pursuit of helping clients get their security right.
Because, more than anything, we’re MAD. In the Tom Peters we-want-to-make-massive-change-and-make-the-world-more-secure sort of way. In the we-won’t-settle-for-less-than-making-our-customers-insanely-better-and-more-effective sort of way. And in the we-won’t-settle-for-less-than-totally-amazingly-cool-and-awesome-work sort of way.
And we hope you’ll get MAD too.
