Search NoticeBored.com

The links collection and blog are not the only pages that change often on this site. As you’ll see from the website history below, both the NoticeBored products and this website are constantly evolving. We are proud of our record of innovation, finding new ways to make security awareness more interesting and effective. Check this page to keep up with developments and by all means get in touch if you have input that would help us retain our creative edge in this competitive market. Take the lead with NoticeBored and leave our competitors for dust.

May 2008 - Trust, integrity and fraud

29 Apr: released a new awareness module covering trust, integrity and fraud, all in the context of IT or, more precisely, information.

April 2008 - IT audit

12 Apr: added a FAQ section to the policy manual page, explaining how we envisage the policy manual being of value.

28 Mar: it’s been more than three years since we last covered IT audit in the awareness program. We’ve substantially extended and completely revised the materials originally supplied.

March 2008 - malware

16 Mar: updated the Why awareness? white paper on the subject of security awareness as glue.

27 Feb: released a revised and extended core awareness module on malware (viruses and other PC infections).

February 2008 - Plan B

Released an extensively updated awareness module on “Plan B” i.e. disaster contingency planning (DCP), resilience, business continuity planning (BCP) and disaster recovery planning (DRP). If we think of any more three letter acronyms, we’ll be in touch. Total site overhaul - increased the default page width to take advantage of modern displays and reduce the amount of up/down scrolling. Pixel-challenged visitors will find it harder to navigate the site but we believe they are well and truly in the minority now. Corrected many page descriptions which had been neglected for too long. Pulled the old press releases. Made minor updates to the NoticeBored Classic product data sheet page.

January 2008 - office security

Released a brand new module on information security issues for the average office or similar workplace. Also published a book review on Computer Security for the Home and Small Office. Added an extract from NERC standard CIP-004 to the Why awareness? paper and total immersion security awareness section. Added a white paper on the state of IT auditing, published in EDPACS. Updated the customer page, now more than 50. Explained the concept of total immersion security awareness. 

December 2007 - Social engineering

Released the module on social engineering, one of our ‘core modules’ that we believe every information security awareness program should cover, though not all do. Also fixed some broken links. Added a customer endorsement from Alliance Data (thanks Shannon!). Added a quotation to the induction module page.

November 2007 - Security compliance & Induction module

The ‘laws, regs and standards’ module has a new name: security compliance. Published the 2008 awareness calendar and a fully revised and updated induction module (a free bonus to NoticeBored licensees).

October 2007 - Physical [information] security

My how time flies when you’re busy! Is it really three years since we last released a module on physical security and environmental protection of information assets? Definitely high time for an update. The module has swelled to over 80Mb of rich content. Publishing it took about 6 hours due to lightning storms constantly interrupting our satellite link - lightning being just one of many issues covered in the module. Uploaded a sample of our new security awareness tests. Added new quotes here and there, including one from the venerable Donn Parker on the need for motivation not just awareness. Linked to a podcast on security awareness by Watchfire’s Scott Pinzon.

September 2007 - Email security

Released an updated module on email security. The recent STORM worm/malware emails remind us to be on our guard when reading the mail and there are many other email security issues to beware of. As the NZ dollar is falling, so are our prices for customers based overseas. Updated the NoticeBored Plus price page to reflect a change in the way we calculate prices. Noted the imminent release of a new type of awareness deliverable on the home page (details to follow in next month’s newsletter, due out in the next few days).  Quoted from an ITCI report on accountability to explain how NoticeBored’s management stream helps managers ‘look smart’ in front of employees. Updated the business case for security awareness. It has stood the test of time well but has been updated with a longer list of awareness topics etc. Updated the policy manual description to explain more about what it is. It’s a fabulous time saver! Why suffer disjointed and incomplete IT security policies when salvation is less than US$300 away? Found time to start Spring-cleaning the links collection. It’s a rotten though necessary job but it will take a while to find and clear out all the junk.

August 2007 - Trade secrets

Another brand new awareness module about protecting trade secrets against industrial espionage. Reduced the price of the ISO 27001 policy manual to US$295. Published a review of Lessons Learned in Software Testing.

July 2007 - User authentication

Released an updated module on user authentication. To celebrate this 50^th NoticeBored Classic module, announced a special discount offer for new subscribers during July (later extended to August). Added a pertinent new quote to the white paper on creating a security culture. Revised the information security policy manual. Reviewed The Insider and Corporate Espionage books. Sorted out the links collection and fixed a metric tonne of broken links. Thanks to the surging NZ dollar and falling income from export orders, we have regretfully had to announce increases in our US$ prices. Sorry but it’s not our fault the NZ economy is so strong (OK, maybe it is!).

June 2007 - Privacy and data protection

Released a revised module covering privacy issues and data protection controls. Also noted our invitation to present on security awareness at Oceania CACS in September. Reviewed Zen and the Art of Information Security, reviewed two IDEO books on innovation and Net Crimes & Misdemeanors. Revised the About NB Classic pages to emphasize the monthly topics and distinct streams of material for the three audiences. NoticeBored is four years old this month!

May 2007 - Insider threats

Released a brand new insider threats awareness module. Prompted by a comment from a Forrester Research consultant, published a profile of our customers. Reviewed an Insider Threat book - not one we’d recommend, I’m afraid. 

April 2007 - Network security

Released the network security module. Finally made time to publish the promised review of Know Your Enemy. Also reorganized the freebies (white papers etc.) and book reviews pages and updated some quotations in the links collection.

March 2007 - Malware

Released an updated module on viruses, worms, Trojans and other nasties. Also published a review of Google Hacking and reorganized the book reviews and white papers. Updated the policy manual page and gave a glimpse into our passionate world of security awareness. 

February 2007 - Database security

Released a completely new awareness module on database security. Updated our white paper on the value of security awareness. Added module listings to the module listing (!). See what you missed! Made various updates to the links collection. Published a note about ISO/IEC 27000/27001/17799 presentations around New Zealand at the end of March/early April. Re-wrote the NoticeBored Plus product data sheet to reflect a new release of SecureAware.

January 2007 - Intellectual Property Rights

Published an updated module on IPR covering copyright, patents, trademarks etc. Reviewed an $8 computer security employee awareness booklet. Quoted the late great Laurie McQuillan CISSP on the risks links page. Uploaded two more samples of our wares. Published a harsh but fair review of Enemy at the water cooler. Quoted (ISC)²’s John Colley on the About NB Classic page. Updated the CISSPforum FAQ a little.

December 2006 - Social engineering

Released the module on social engineering, one of the core topics since security awareness is such an important control against this form of attack. Split the long awareness posters page into separate pages for each month making it easier to browse the collection. Published our customary security security awareness calendar to herald the arrival of another year. Clarified the pricing and added a nice box shot to the NB Classic price page. Updated the NB Plus pages with information on the new release of Neupart’s award-winning SecureAware ISMS software. Updated the NB Classic benefits page with a section on the security awareness toolkit.

November 2006 - Accountability and responsibility

Released the module on accountability, responsibility, information asset ownership and related concepts.  Knocked US$100 off the price of our ISO/IEC 27001/2-based generic information security policy manual. Made a security awareness presentation on social engineering to a meeting of the NZCS ISSIG and ISACA in Wellington, New Zealand, on Computer Security Day (Nov 30^th). Moved office again, this time to Wanganui, New Zealand. Contact details and Classic product data sheet updated.

October 2006 - IT incident management

Published the awareness module on notifying, responding, resolving and learning from information security incidents. Updated the NoticeBored Classic samples with PDFs of the complete module on identity theft. Published the CISSPforum FAQ. Combined the ‘ownership of information assets’ links collection page into the accountability, roles and responsibilities page since they are so closely aligned and are covered together in next month’s module. Added a new page describing the back catalog, a whole library of creative materials to supercharge your security awareness program.

September 2006 - Portable IT security

Released a revised module on security for portable/mobile computing, teleworking and wireless networking.  Used the ‘unconscious competence’ psychological model of learning to explain our approach on the About NB page. Uploaded more samples including a more or less complete set of materials from last month’s identity theft module and samples of two new format deliverables - procedures and take home messages. Spring-cleaned the freebies area.

August 2006 - Identity theft

Released a new awareness module on identity theft, covering issues relating to remote user authentication, IT fraud etc. Republished our 7 myths about security metrics paper (as published by ISSA Journal).

July 2006 - Resilience and DR

Two new types of awareness material (a hyperlinked glossary and a paper about metrics for resilience and DR) graced July’s NoticeBored Classic module. IsecT and NoticeBored have been endorsed by ENISA in a paper for SMEs about building security awareness programs. Added yet another quotation to the Why awareness? white paper. Minor rewording of the privacy policy e.g. to refer to New Zealand’s Privacy Act.  Updated the NB Classic Product Data Sheet. Information security policy manual released, based on ISO/IEC 17799:2005.

June 2006 - Email security

Released an updated module on email security, marking our third anniversary for NoticeBored (and still the creativity and innovation continue!). The draft NIST information security manual SP 800-100 is well worth a read. Comments are invited during the next month or two but it’s hard to pick fault with this one. It’s a good-un, Reviewed Alan Calder and Steve Watkins’ book IT Governance - A Manager’s Guide to Data Security and BS 7799 / ISO 17799. NoticeBored Classic is three years old this month.

May 2006 - Security-SDLC integration

Released another innovative awareness module - a ‘marketing brochure’ to explain information security to development project managers, software developers etc. This was a special security awareness module on an extremely important issue yet one few security awareness programs ever cover.  Uploaded thumbnails of our new style security awareness posters.

April 2006 - Keeping secrets

No April fool this year, just solid meaty content on the topic of keeping secrets (confidentiality and privacy).  Interesting quote from E&Y on the value of security awareness included in our evolving white paper. Our white papers and the PDF versions of our newsletters are now covered by a Creative Commons license.

March 2006 - Malware

Released an updated and extended module on malware. Minor update to the True value of security awareness white paper.

February 2006 - Bugs! & updated Security induction module

Delivered the NoticeBored Classic module on Bugs!, the last of the original planned sequence of awareness topics. Announced the availability of a ‘library’ containing all 600+Mb NoticeBored Classic awareness materials delivered to date. The induction module has been updated and expanded. Revised the page listing NoticeBored topics. Published our review of the CISO Handbook. Recommended for CISOs or others building security improvement programmes. Added a succinct definition of social engineering by a certain Mr. Mitnick.

January 2006 - Third party security

Added a brief note about the broad range of NoticeBored customers. Information security awareness may be a niche product but it sure has a wide appeal. We finally figured out how to use FeedBurner to provide an RSS and XML feed of the NoticeBored blog. Joy! Published a review of Rebecca Herold’s excellent book on Managing an information security and privacy awareness and training program. Unreservedly recommended . 

December 2005 - Social engineering

Published the social engineering module in time for the run up to Christmas, a busy time for social engineers (including all three-year-olds). Repaired some broken links on the NB Classic sample page and uploaded a crossword sample. Published our calendar. Enjoy! Also published new NB Classic samples - a technical security awareness presentation intended for IT professionals and a typical management presentation. Help the boss understand what you’re always going on about! Published our review of Spies Among Us. Spent a few tedious hours weeding out broken links from the links collection.

November 2005 - Secure software development

Published a review of Spreadsheet check and control - highly recommended. Spent hours hunting down and eliminating broken links from the NB links collection. 

October 2005 - IT Operations

Having successfully relocated the NoticeBored office to New Zealand, site and links maintenance recommenced after a short hiatus. Updated the ‘office clock’ on the contact us page in the forlorn hope of avoiding calls from Europe and the States in the middle of our night ...

September 2005 - Authentication

Added some NIST SP references on the value of security awareness page. Referenced our ISO27001security website under the laws, regulations and standards links collection. Updated the value of security awareness page and PDF. Updated the value of security awareness white paper. Updated the 7 steps to security awareness white paper.

August 2005 - Change management and Security induction module

Released a standard NoticeBored Classic security awareness module on change management and a special bonus module for security induction training. Completely re-wrote the white paper on NoticeBored and ISO/IEC 17799, BS 7799 and ISO/IEC 27000-series standards. Published a review of Tim Layton’s new book on information security awareness.

July 2005 - The hacking threat and Crisis management special

Referenced Mich Kabay’s seminal paper on the psychological aspects of information security awareness, added further quotes to our Why do we need/value of security awareness white paper and provided a PDF version for easier printing. Published a special mid-month bonus NoticeBored Classic security awareness module on crisis management and contingency planning, inspired by the amazing London emergency services’ response to the bombs of July 7^th.

June 2005 - Email security

Launched Global Security Week. Referenced the 2005 Deloitte and AusCERT security surveys in Why do we need security awareness? Published our Seven Steps to Security Awareness white paper. NoticeBored is two years old this month!

May 2005 - Risk management

Noted the new mind maps and awareness survey deliverables on the NoticeBored Classic features page.

April 2005 - IT governance

Republished the Build your own security culture presentation because visitors are still looking for it. Published an IT Governance book review. Updated the Why do we need/value of security awareness white paper.

March 2005 - Malware

Added a glowing customer endorsement to the page suggesting how customers might use NoticeBored Classic. Published a short review of a neat little awareness book You Are A Loser. Added a quotation from Harris Miller to our piece on why we need security awareness. [Some enterprising customers are using this piece plus our business case for an information security awareness program to justify a budget line item for a security awareness program. Good luck to ‘em!].

February 2005 - Information security management

Added a brief single-screen About NoticeBored. Launched a conventional blog to document additions to the NoticeBored links collection.

January 2005 - IT auditing

Checked/updated all 900+ links in our links collection. Published a white paper on physical and environmental security for datacenters. Commented on competitors introducing curiously similar awareness services, albeit some 18 months after we launched NoticeBored ;-) Updated the NoticeBored overview/product information sheet.

December 2004 - IT laws, regulations & standards

Updated the NB Classic topics page to reflect the repetition of core infosec topics on a quarterly basis. Re-sequenced the links collection pages alphabetically by topic.

November 2004 - Physical IT security

Tried a ‘dialog’ facility on the home page - this was later dropped due to apathy.

October 2004 - Incident management

A dramatic new module maybe but certainly no crisis.

September 2004 - Accountability & responsibility

Updated the Why awareness? paper. Updated the NoticeBored Classic samples with current formats.  Added links to related topics at the bottom of each page in our links collection.

August 2004 - Social engineering

Intranet-based information security policy management tool launched.

July 2004 - Wireless networking security

Released awareness module on wireless networking as a “special”, an extra topic inserted into the planned cycle. Renamed the original content-only security awareness service NoticeBored Classic in preparation for the launch of NoticeBored Plus. The links collection was thoroughly checked and updated. Added a Hinson Tip to the Phishing page.

June 2004 - Contingency planning

Published future plans and other information on the upcoming awareness modules. NoticeBored Classic is one year old this month!

May 2004 - Privacy and data protection

Made further updates to the NoticeBored samples to demonstrate the range and format of current deliverables. Introduced a ‘proper’ managed facility for people to subscribe to the free monthly NoticeBored newsletter.

April 2004 - Email security

Website privacy policy updated with a more complete formal version here.

March 2004 - IT-related fraud

Issued a spoof press release on ‘global no-email day’ for April 1st.

February 2004 - Internet security

Updated the business case paper. Uploaded older newsletters for download. 

January 2004 - Intellectual property

Added a phishing alert page with an offer of four free phishing awareness posters available through the updated contact page. Added new samples of our security awareness posters.

December 2003 - Ownership of information assets

Documented the need for security awareness. Released a generic business case for an information security awareness program. Uploaded some new NoticeBored Classic samples. 

November 2003 - Mobile computing and teleworking

Uploaded a white paper showing how NoticeBored Classic topics relate to ISO/IEC 17799 sections and a site map.

October 2003 - Integrity

Published a white paper on Human factors in information security. Launched the free monthly NoticeBored newsletter.

September 2003 - Availability

Released this module a month earlier than planned to coincide with news of Blackout 2003 and widespread power cuts in London.

August 2003 - Confidentiality

Awareness module on confidentiality, one of the fundamental tenets of information security.

July 2003 - Malware

NoticeBored service officially launched. Our first security awareness topic was malware (viruses, worms and Trojans) - a topic we have covered several times since. 

June 2003 - NoticeBored security awareness launch

Announced the NoticeBored service, registered and launched this website. After an 18-month gestation period researching, designing, developing and preparing the NoticeBored concept, we finally hit the Web at the end of May 2003.