Human factors conspicuously absent
A new 'how to' piece on eHow.com titled Information Security Awareness & Training is curiously deficient.
I'm puzzled that someone who presumably feels they have expertise in the subject would write such a piece that refers almost exclusvely to technical IT security controls. There is no significant mention of human factors, nor any pragmatic help on how to plan, organize, develop, deliver, measure and maintain an infosec awareness & training program. It's so bad, I hardly know where to start criticising it.