Welcome to HumanSAMM. This is a project designed to address the human element of cybersecurity. HumanSAMM (Human Security Assurance Maturity Model) aspires to create a framework to address all human-based cybersecurity concerns. This is the first release, which answers the question of how to patch stupid.

10,000 Foot Overview

Problems with traditional SATE (Security Awareness Training & Education)

  • Binge Training is not effective
  • Poor metrics & even poorer understanding of individual risk
  • Programs are one size fits all
  • Lack of Human Intervention
  • Lack of Just-In-Time education
  • Boring Content
  • Not Enough Spear Phishing

HumanSAMM SATE Methodologies

  • Micro-Training (high-frequency, short training)
  • Mass Customization (unique programs for each user)
  • Need-Based Human Intervention
  • Entertaining & Short Content
  • High-frequency attack emulations (Phishing & Spear Phishing)
  • Key Metrics Defined
  • Defined JIT (Just-In-Time) Training moments