Addressing Human Risk
Addressing human risk, compliance and appropriate controls isn’t as easy as just doing some email phishing, some training and then some more phishing. Many companies undertake these components, or maybe even add in some face to face training, but they never really achieve their objectives of reducing human risk, implementing suitable controls and being able... Learn More
Why do a Vendor Management Program
Protecting critical data does not stop at securing the devices on your network or even the employees of your company. In an increasingly complex environment, it extends beyond an organisation’s walls to the systems and networks of its ecosystem of third-party vendors. It’s why Vendor Management Programs need to consider cyber security! According to a... Learn More
Christmas Scams
Layer 8 Security is warning everyone to be wary of scammers trying to ruin their Christmas holidays. Scammers often try to take advantage of people during the busy Christmas period and prey on our vulnerabilities at this time of year. For example, they may take advantage of you looking for a good deal on a... Learn More
Security Awareness: Myth or Mystery
What is security awareness? It’s the ability to directly know and perceive, to feel, or to be cognisant of events. More broadly, it is the state of being conscious of something. Does that mean that security awareness is the consciousness of security threats and how to address them? We often see organisations implementing Security Awareness... Learn More
Clean desk policy – What a joke.
Everyone has a clean desk, right? And there is no security concerns with having a messy, untidy or cluttered desk, right? Maybe, you clean your desk when you leave the office? Many people leave the office at night with a plethora of paperwork on their desk. “It will be safe as my office is locked... Learn More
A better way to address passwords
We all have a multitude of local and online accounts that require username and passwords. We all hate passwords. Either you can’t remember them, or you re-use the same one over and over to avoid forgetting it. Perhaps, you use your last password and add a number at the end. Trying to come up with... Learn More
4 Laws of Changing People’s Behavior
“Change is so damn tough, you can’t possibly imagine how tough it is and how incapable most of you are to change.” That’s how Keith Ferrazzi, author of “Who’s Got Your Back: The Breakthrough Program to Build Deep, Trusting Relationships That Create Success–and Won’t Let You Fail,” stated it. Now, extrapolate this out to cyber... Learn More
Unintentional Breaches or Benign User Activities
Ask any insurance underwriter who provide Cyber Insurance, “What is the primary cause of Cyber Claims”, and you will hear, “Human Error”. Human error constitutes more than 50% of all cyber insurance claims. I acknowledge that some of these “Human Errors” are not accidental. Some are malignant or malicious. I will address this further in... Learn More
Opinions on security predictive behaviour
I’m sure you heard the theme many times over the past few years that the best ROI for cybersecurity spend, comes from investing in your people’s security awareness. Although it doesn’t really look at their behaviour. Supporting quotes from the article below. According to the first Notifiable Data Breaches (NDB) quarterly report, published by the Office... Learn More
The Marshmallow Theory
I’m sure we have all heard about the Marshmallow Theory. In the theory, a child was offered a choice between one marshmallow provided immediately or two marshmallows, if they waited for a brief period, approximately 20 minutes. Researchers found that children who were able to wait longer for the preferred rewards tended to have better... Learn More
