A habitually funny story
I was running a security awareness training session for some executives of one of our customers recently, when I put up on the projector, a sample phishing email. I asked the room to identify the errors within the email that would suggest it was a malicious phishing email. To the credit of the executives within... Learn More
Shadow IT Risks and How to Mitigate Them
Let’s assume that you decide to do some extra work at home. You build a database to address a company issue, put company data, customer information or just some innocuous information on your personal device to be more efficient at work. Maybe you even upload it into Google Drive or Dropbox for easier accessibility. This... Learn More
“FINAL WARNING” email – have they really hacked your webcam?
Sextortion is back! In fact, it never went away. Some of us get dozens of sextortion scam emails every month to our work and personal accounts, demanding us to PAY MONEY OR ELSE!! In the crime of sextortion, the “OR ELSE” part is a threat to release a video of a sexual nature in... Learn More
5 types of Insider Threats
Insider breaches — those caused by employees and leaders within an organization — are among the costliest and hardest to detect of all data breaches. Two-thirds of total data records compromised in 2017 were the result of inadvertent insiders, according to the “2018 IBM X-Force Threat Intelligence Index,” and insider threats are the cause of 60... Learn More
Building a better security culture
Everyone knows how crucial security is and how it must be embedded into everything an organisation does. A simple glance at the news provides details on the data breach of the day tied to an application security vulnerability. Take a stroll to the Information Security department and you’ll hear about the latest blunder an employee... Learn More
Addressing Human Risk
Addressing human risk, compliance and appropriate controls isn’t as easy as just doing some email phishing, some training and then some more phishing. Many companies undertake these components, or maybe even add in some face to face training, but they never really achieve their objectives of reducing human risk, implementing suitable controls and being able... Learn More
Why do a Vendor Management Program
Protecting critical data does not stop at securing the devices on your network or even the employees of your company. In an increasingly complex environment, it extends beyond an organisation’s walls to the systems and networks of its ecosystem of third-party vendors. It’s why Vendor Management Programs need to consider cyber security! According to a... Learn More
Christmas Scams
Layer 8 Security is warning everyone to be wary of scammers trying to ruin their Christmas holidays. Scammers often try to take advantage of people during the busy Christmas period and prey on our vulnerabilities at this time of year. For example, they may take advantage of you looking for a good deal on a... Learn More
Security Awareness: Myth or Mystery
What is security awareness? It’s the ability to directly know and perceive, to feel, or to be cognisant of events. More broadly, it is the state of being conscious of something. Does that mean that security awareness is the consciousness of security threats and how to address them? We often see organisations implementing Security Awareness... Learn More
Clean desk policy – What a joke.
Everyone has a clean desk, right? And there is no security concerns with having a messy, untidy or cluttered desk, right? Maybe, you clean your desk when you leave the office? Many people leave the office at night with a plethora of paperwork on their desk. “It will be safe as my office is locked... Learn More
