security awareness

Time to stop blaming the victim, part deux

It started a couple weeks ago with the almighty Bruce Schneier expressing a rather controversial opinion: ...[that] training users in security is generally a waste of time, and that the

bit.ly considered harmful (or: let's stop blaming the victims)

 A colleague, whose company had suffered from a sophisticated security breach last year, recently shared with me some of the awareness materials that