Show threadJonathan Kamens 86 47Jul 19, 2023
A 3rd #InfosecInstitute #SecurityAwareness training nit: mobile security training that says to avoid apps that request "networking access." That's not, by that name, a thing. It's not even clear that it can be restricted. I just checked apps on my Pixel and iPhone that I know use networking, and I couldn't find evidence of that in their permissions or a way to turn it off. Furthermore, many apps need networking to do their job. In short, this is useless advice for avoiding sketchy apps.
Show threadJonathan Kamens 86 47Jul 19, 2023
Another #InfosecInstitute #SecurityAwareness training complaint: their mobile security training recommends encrypting your phone, which is fine, but says the way to do that is "Look for encryption in your phone's settings." That advice is literally years out-of-date. All current Android and iPhone models encrypt the device automatically as long as you set up a lock screen (passcode, Face ID, etc.). Telling people to look for an encryption setting is sending them on a wild goose chase.
#infosec
Jonathan Kamens 86 47Jul 19, 2023
I've yet to find a #SecurityAwareness training program that doesn't include at least some F.U.D.
For example, the #InfosecInstitute training strongly emphasizes not using public wifi networks, even though they're usually fine (ref: https://consumer.ftc.gov/articles/are-public-wi-fi-networks-safe-what-you-need-know ).
If you tell people not to use public wifi, they're going to ignore you, because it's inconvenient. Instead, teach them how to recognize the signs of a malicious wifi network, e.g., SSL cert errors from your browser.
#infosec
Are Public Wi-Fi Networks Safe? What You Need To Know

Public Wi-Fi networks, or hotspots, in coffee shops, malls, airports, hotels, and other places are convenient. In the early days of the internet, they often weren’t secure.

Consumer Advice
acrypthash👨🏻‍💻Feb 7, 2023

This is awesome XD

https://www.infosecinstitute.com/iq/work-bytes/#embedded-form

#security #securityawareness #training #comedy #infosecinstitute

Work Bytes: Security Awareness Training Videos | Infosec

Engage your staff with this comedic office security awareness training series featuring a fantastic group of characters. Enable them to make choices that reduce human risk and increase security.

Infosec
Dick Smiths Fair Go SupportersApr 7, 2022

Here at the #InfosecInstitute we believe the single most secure thing we can do is send your data through #CloudFlare — and if you are lucky #CloudFront.

Its called #outsourcing, and it gives temporary safety.

#infosec #cyberSecurity #temporarySafety #notSecurity #dotCon

Show threadddench who art in infosec exchange Oct 2, 2019
@superruserr tbh I think most videos are lacking, which I guess is down to learning. The value is in assesment tools and labs, in my most humble of opinions. It looks like this #infosecinstitute offer will help fully experience their offering, thanks for sharing.
Show threadHCS ▋Oct 2, 2019
Their videos have much to be desired - and really I don't like videos that much unless it can help graphically explain a technical concept (ie Subnetting) but they have some labs that you can join in and practice as well as practice exams for various certs #infosecinstitute