Awareness Myth Busting

Why attempts to raise the level of awareness to information security are failing, and what to do in order to change it.

Written by Eh’den Biber

Prologue – Battlefield

The field of information security is system and technology driven. This is why it is no wonder that the first attempts to make people act according to way we believed is best from information security standpoint was compliance. Oh, and it worked SO great, didn’t it? Dear auditors, this was a rhetorical, cynical question, so let me assure you: when it comes to humans, compliance doesn’t work, sometimes even when you put a gun against someone’s head.
We moved to from compliance to awareness, and we continue to fail.

This article will try to break down multiple elements to why we fail in our information security awareness activities. After years of looking into awareness from educational, psychological, neurological, biological and spiritual perspectives I realised that the reason we are failing to increase awareness is because we never did a true root-cause analysis.

Believe me, I’ve been doing everything I can to avoid writing this article. Like Arjuna the hero of the Bevagad Gita, I tried to avoid going into a battlefield, getting in a collision course with a community of people, some of which I know personally. Every time I wanted to write the article you’re about to read, my subconscious was re-living the times I’ve been ridiculed, judged, kicked around (physically, emotionally, verbally), and eventually, stabbed (yeh, in London). When in a battlefield, it is hard to remember that who you think you are is a mind running on ego operating system, which been optimised to increase your survival rate. This thing, my humanity, was preventing me from writing, in order to prevent the suffering, to increase survival rates. This is what the brain/mind is meant to do, and in my case, my brain was trying to increase my professional survival.

The reason for my long silence in recent months was due to the fact I came to the realisation that our profession is based on pseudo and proto science, that most of what we do can be qualified as cult behaviour (cargo, anyone?), and that our blindness is in the core of our failure to reduce the likelihood of future loss event that is caused by a “human vulnerability” which lead to wrong decision making.

Finally, I said it, and here I am experiencing how it feels to be honest and fearless. Blessed.

Continue reading

When a Muslim met a Jew (the X-rated edition)

A tale about elections, erections, infosec and awareness.

By Eh’den Biber


Last week I had a conversation with an extremely intelligent man, who is also holding a passport of a country who is Muslim. A country which don’t have a diplomatic relationship with the country I was born in, Israel.

The Arab-Israeli conflict reminds me a very smart Jewish which can be paraphrased more or less to “Wise people shut the fuck up”. Obviously wisdom is way far ahead of me, but in the meanwhile, it’s a great story.

So we talked. About Israel, and his country, and it was very interesting because he was surprised that I grew in a semi-atheist environment (Oh, Tel-Aviv, you have wonderful sides). I was surprised because I’m not used to a dialogue about the subject that does not end up in stereotypes. It’s been a while since I talked about the subject, mainly because of the fact I got tired of hearing how the Jews control the world. I want to remind ANYONE who still think so to stop reading and look at the other side of the appliance they are using to read this. It’s China who owns the world.

Continue reading

Breaking The Iceberg

What the US election tells us about the lack of awareness we live in – and how it all relates to information security.


By Eh’den Biber


To understand the core of the problem of , we need to understand that we are like an iceberg – a majority of what makes us feel, walk, talk, drive, write , see, breath – is under the surface. Most of us don’t notice the fact we are constantly breathing – and yes, you only noticed it right now, and you will admit it if you were honest. What you consider as “you” don’t actually do anything conscious when you walk-and-snapchat-hopefully-not-your-penis, and not in the form of an ASCII art (you welcome, people-who-had-commodore-64). Let’s move on 🙂

The point of the matter is that what we associ`ate ourselves as “me” – that thing which is now speaking and makes comments in your head, you know, “that thing” – is not you even what you experience right now.

Derren Brown, a brilliant magician, illusionist and a very smart guy published a book last week called “happy”. It is a book a practical philosophy type of book about the meaning of happiness. It is a great book, get it.

In the first chapter, he describes what we consider as what we experience right now as
“…neat narratives that allow us to arrange complicated reality into a satisfying and tidy parcel, and move on with our lives. Without them in place, we would see only a mess of details. If we were unable to form meaningful patterns, our lives would become overwhelmed.”

If you want to know more about this thing, read Derren’s new book. Or if you want a kinder, funnier edition grab the book “The Untethered Soul: The Journey Beyond Yourself” by Michel Zinger. Or if you are into slow speaking philosophers with sometimes non-understandable English, hook into Osho. Or, if you’re trying to blow your mind away listen to Terence McKenna.

Or don’t. Most likely, you don’t.

Most people, so it seems, are very happy being who they are. As Oscar Wilde said: “If you want to tell people the truth, make them laugh, or else they will kill you”. The subconscious is a big, scary thing to most people, and most people would be scared shit to know they run by powers they have little control or influence on. Similar to icebergs which only 10% of their size is above the water (You welcome, Titanic), your brain is mostly unconscious, with one research showing 7 seconds delay between the time your brain “made up” its mind and the time you realise it. Seven seconds of unconscious thinking, decision making, which you have no clue of, which is controlled by a subconscious mind.

The States of America has chosen via the wisdom of the crowd to have two people who like the truth as much as they like transparency to represent them for the upcoming election. One is doing it most likely because he is trying to compensate on his lack of erection and the other is trying to compensate her husband over-excited sense of erection. These two very-unworthy-people-to-become-president were chosen to represent people who seems to be utterly blind to the fact they could have prevented it – because IT IS A FREAKING DEMOCRACY.

This state of utter lack of awareness to the nature of the system is not surprising. It is easy to and make fun of Americans because they have raised the level of fake-ness into a form of art (AKA Hollywood and Netflix). However, quest for truth was never “the thing” in human civilisations. As John Taylor Gato wrote in “the underground of American education” there were only two occasions in which freedom of individuals was driving society: Athene golden era, and the early days of the united states of America.

There is always a burst of quest for awareness: take for example the Falun Dafa, AKA Falun Gong in , or the drug culture and civil rights movements of the 60s and early 70s in the US and in Europe. When they occur, the authorities do everything they can to cut it, and cut it fast.

The reason why society fears this burst of awareness is because our societies are built on elements of enslavement. Sure, the enslavement we experience in the west do not come close to the enslavement of the people in , or sadly, the state of freedom in most of the countries who represent the (UN). But still, even here in the west, people are not allowed full control on their future. let me explain why:

At the end of the day, there is only ONE freedom that truly counts – it is an inner freedom. When one is experiencing inner freedom, nothing can break it. Nothing. If nothing can break you, you can move the people in power when you don’t like them. As you can see in the current  in the US, that is not happening, because people have no sense of awareness. Ladies and Gentlemen – this is not a simple correlation – it is a rare causation.

So how can we change it? Obviously not how we try to do it, and obviously not by those who supposed to be responsible of it.

Take for example of , group of people who are the main beneficiary of the organisation they lead (AKA – “the board”) are being scrutinised because of security incidents that are caused by cyber-attacks. These people realise the situation is not good, and that the cause to it is their , who seems to be illiterate.

The problem starts when they try to the bloody peasants (or infosec infidels), which usually ends up going nowhere.


It doesn’t go anywhere because in the case of information security a true change requires to make people perform information security related decisions in their unconscious – like driving, or dancing, or snapchatting … ok we already covered that. But the subconscious is already full of the story one has about himself/herself/themselves.


Again, another beautiful quote from Derren Brown book:

We are, each of us, a product of the stories we tell ourselves. 

Awareness is about moving away from our story, our “me”, in order to give space to wisdom. When the story subsides, wisdom arise. The problem is that the subconscious is untamed by you, and to clean it up is PAINFUL. Do you know how hurt it is to let go of what makes “me” happy, and what makes “me” suffer? A lot. How much? Let me give you a glimpse of my paths (bless all of them) who created a magnificent story: I had to sit down next to our third child, my daughter, and see her die in front of my eyes – that after we lost our second son on the day of my sister wedding. The pain of letting go of that child was horrible, the pain of kissing my daughter forehead and leave her so she could die was HUGE. And still that pain was NOTHING compared to letting go of that story in order to let space be part of me. That story constructed me, I was that story. To let go of everything I used to associate with felt as if I was being torn apart from the inside. That inner sensation, that letting go of the story of myself, was the most painful experience I ever had. It knocked this thing I called “me” down, and I can assure you, most people don’t dare to go as far as I did. Not  nor emotional pain (I had both bless the one), none of them came even close to untangling my subconscious. It is a death experience, and since most humans are driven by fear of death awareness brings up resistance which ends up with suffering (or he’ll, depends when you resist).

What allowed me go via this process? Love, compassion, kindness, happiness, stillness”, which are the gifts of experiences that my teacher given me by being them. These gifts led to a state of gratitude, and peace. They allowed the true “I” to be experienced. My false sense of self took a leap of faith into the abyss, to do the counter intuitive act of “dying” so the true “I” can experience itself. I’m aware this all sounds weird and strange if you truly believe in your story, but that is why awareness is ungrasped and unquantifiable by the mind.

This is the nature of awareness: If you want one, you’re not going to experience it. You become one by letting go of all wants and needs, of letting go of your story.

Next time you hear about information , or when you watch the candidates to the US presidency and think to yourself , realise that unless you will choose to experience an inner space of awareness, you will continue to experience a “reality” in which you let a blind people tell you what light looks like.

Break the Iceberg, discover that you are the endless sea.



‍ , ‍ , ‍ , ‍ , ‍

The alien guesthouse

By Eh’den Biber


Part one – Drop the Grenade, or Inner Spirit of Time

When I was young and innocence I loved playing games; I loved pretending. I can still remember how I loved to pretend I’m an astronaut, a scientist, a hero. I remember how I saved the world again and again in a movie constructed by my own imagination. It felt good, felt wonderful.

That was then.

Let’s fast forward to my last weekend: I’m in a restaurant in what will be called by Americans as “the middle of nowhere”, or as Europeans like to call it – Brussels. I’m the hero of a WTF story: one which I, as a dad, is trying to prevent his youngest son from stabbing himself with a knife. Seriously, where is my freaking spaceship!?!

Continue reading

EU: The Post Mortem Edition

ANALYSIS: How lack of awareness led us to BREXIT, and what can we do next?

(Warning – colourful language is ahead ).


Part 1 – The Deadly and the Trump, or how the heck did we get here?

For months EU citizens were looking at the race of the US republican and democrat candidates, feeling they are watching a weird reality show. The democratic party stood behind a politician who is so tied to corporate America that it’s impossible to think of any interest group that she or her husband didn’t receive donations from. The Republicans vote went to a big mouth, fear mongering, racist, who was best described by Seth MacFarlane: “This guy has an ego. When Trump bangs a supermodel he closes his eyes and imagine he’s jerking off

The fact US citizens are most likely faced with the option of choosing between a scam master sociopath and a the most lethal woman in US politics is not easy. Some European felt compassion to the Americans who have to choose between the two, but the majority of the people simply felt shocked by the Trumpism movement and the fact he was left the only nominee of the Republican party.

Meanwhile, in my fairyland, also known as the UK, our prime minister lured voters to re-elect him in the last general election based on a promise for a referendum to whether or not the UK should stay in the EU. Since he won, and since there are so many people in the UK who wanted that referendum Cameron was forced into honouring his promise. And then blah blah blah… and now we’re out. Hip Hip Hooray to 52% of the population.

Continue reading