PowerBlog Review: Security Awareness
Editor’s note: Welcome to the fifty-sixth in our series of PowerBlog Reviews of business weblogs.
Security Awareness for Ma, Pa and the Corporate Clueless is a blog by the Security Awareness Company, headquartered in Seminole, Florida, USA. The company teaches computer users to combat security threats with personal knowledge and not to just rely on technology, by becoming “security aware” about avoiding viruses, managing passwords and protecting vital information.
The company views the blog as the central piece in their guerrilla marketing strategy on the internet. The company is in the training and education business. Having a blog to publish content is central to the company’s business. Greg Hoffman, the Chief Marketing Officer of the company tells me:
“Our CEO, Winn Schwartau, is a legendary expert in the Computer Security Industry. For the last twenty years, Winn has written more than a dozen books and thousands of articles on topics ranging from Information Warfare to Internet ethics for kids. We needed to find a vehicle for all of this accumulated content and give computer users tips and tricks about how to protect themselves. The blog has become a central publishing house for security awareness content.”
The company is in the business of selling training and education, yet it gives away considerable content through the blog.
The posts are a combination of current news items about computer and cyber security, and mini-tutorials on topics such as “What’s a virus?” They strive to give a balanced view of the topic of security. For instance, there is a post that points out that not all hackers are bad.
The blog also features guest posts by bloggers with special expertise, including this post on resume fraud.
The company combines the blog with a newsletter, not in place of the newsletter. They also offer RSS feeds as a third strategy for delivering their messages and connecting with prospects and customers. The blog always features prominently in the monthly newsletter.
They use an interesting way to integrate the blog with their commercial website. On the blog is a graphic that looks like a school chalkboard advertising online security courses for $5.00 each. The graphic links directly to the online courses. I don’t know how many courses the company sells through the blog, but at $5.00 it has to be close to an impulse buy, so presumably they would sell well.
To attract traffic to its blog the company has used a combination of techniques. They submitted the blog for various awards and recognitions, including USA Today for which they were named as a Hot Site. They also cross-link with relevant-topic blogs and sites.
I asked Greg his advice for newbie bloggers. He says to make sure the content is something the target audience cares about, and stick to the message. But at the same time, listen to your audience and adapt accordingly. He also advises coming up with a plan and a schedule for blogging.
The Power: The Power of Security Awareness for Ma, Pa and the Corporate Clueless blog is in the way it is central to the company’s online strategy as a place to house writings on computer security. They’ve turned it into an unintimidating, welcoming place for those without technical knowledge.
March 23rd, 2006 at 8:06 pm
[…] Review 56: Security Awareness […]
April 6th, 2006 at 6:25 pm
SOX being attacked @ Richard T. Kusiolek 4/4/06
The forces to kill a 2002 Federal Law are being mounted. The goal is to rescind the Sarbanes-Oxley Act which was inspired by Ken Lay of Enron and Bernard Ebbers of WorldCom who received a 25 year prison sentence. Congress seems to have stepped over the Constitutional fences in delegating its powers to a Public Company Accounting Oversight Board outside of its jurisdiction. The Board was to set standards regulating CPA firms and the Big Four Accounting firms. The Oversight Board charges public companies a fee to run its daily operations. SOX is a compliance element in the broad IT category of IT Compliance and Risk Management that enterprises are coping with. Due to SOX, small public companies are now in greater risk of going out of business.
In March 2006, The SECs Advisory Committee on Smaller public companies posted a draft recommendations stating that the SEC should exempt micro-cap companies with less than $125 million in annual revenue and small-cap companies with less than $10 million, from the accounting provisions of the Act’s Section 404. It is very clear that small companies can’t afford Big Four firms. Sarbanes-Oxley consolidates auditing services into the hands of the remaining Big Four firms, putting a financial squeeze on smaller firms seeking their services. The SEC advisory committee recommends relief from an external audit for companies with market caps of up to $500 million, impacting mostly those with revenues of $10 million to $250million.
Many IT Business Services firms continue to build a pool of security consultants with experience; however they must be proven consultants. Developing the balanced attention to Operational effectiveness, Control compliance, and Process improvement are critical for the peace of mind for the company’s CEO. The first step for SOX consulting is to divide IT into domains to simplify internal testing. Without doubt realistic expectations must exist. There is always the evaluation of exceptions and a reliance of compensating controls. However, expectations must be set that the firm can understand and approve.
Any small business must insist that a strong project management function exist with their SOX IT Consulting firms. In the beginning stage, it is very critical to involve process owners. The steps are basically: walk-through, remediate and test. After that process is successful, it is necessary to work with external auditing groups and to develop the test grid.
SOX is not going to go away. It is pure speculations that Congress will ever allow the financial melt down to happen again. Also all investors are demanding to have an auditing process that is separate from some of the Big Four firms who actually enabled the abuses that manifested in double accounting, off-the-books accounting, and inflated revenues. SOX done right can save a CEO from going to prison.