Get the budget you need, not the one you deserve.
Without strong metrics that matter to the business, security awareness programs will continue to be the “bastard child of security”. We all know how little budget security gets, and of that, security awareness programs often achieve a minimalistic amount. Security Awareness programs are an essential component of any good security program, yet they rarely get... Learn More
How Aussie MSPs teach cybersecurity
For many channel partners, such as VARs and MSPs, cybersecurity-awareness training is a first stop in their quest to harden their customers’ networks against attack. That’s because the human element is most difficult to counter and presents the greatest risk to corporate assets. Obliviously clicking a single rogue email can shutter a company. But once... Learn More
Really? .. That’s your password!
It may be funny, but too many people don’t put serious effort into their passwords. Businesses can protect themselves against cyber threats by having all the latest and greatest layers of protection, such as unified threat management (UTM) appliances, endpoint protection and even strict security policies. But the biggest threat to businesses remains relatively unaddressed!... Learn More
Here’s how to defend yourself online
Online scams and attacks are surging and growing more sophisticated, conning thousands of people and companies out of millions of dollars. How to detect and avoid online scams Digital technology, social media and email have changed the world in the way we all communicate as it provides such great access to people and such detailed... Learn More
Conscious vs. Unconscious – the determinants of security behaviour
Introduction Have you ever wondered why you still fall for simple social engineer attack, even after you have undertaken a comprehensive security awareness training program that looks at cyber security behaviour? Even more interesting, why can you identify the errors within a phishing email in a training course, yet still fall for the exact same... Learn More
A habitually funny story
I was running a security awareness training session for some executives of one of our customers recently, when I put up on the projector, a sample phishing email. I asked the room to identify the errors within the email that would suggest it was a malicious phishing email. To the credit of the executives within... Learn More
Shadow IT Risks and How to Mitigate Them
Let’s assume that you decide to do some extra work at home. You build a database to address a company issue, put company data, customer information or just some innocuous information on your personal device to be more efficient at work. Maybe you even upload it into Google Drive or Dropbox for easier accessibility. This... Learn More
“FINAL WARNING” email – have they really hacked your webcam?
Sextortion is back! In fact, it never went away. Some of us get dozens of sextortion scam emails every month to our work and personal accounts, demanding us to PAY MONEY OR ELSE!! In the crime of sextortion, the “OR ELSE” part is a threat to release a video of a sexual nature in... Learn More
5 types of Insider Threats
Insider breaches — those caused by employees and leaders within an organization — are among the costliest and hardest to detect of all data breaches. Two-thirds of total data records compromised in 2017 were the result of inadvertent insiders, according to the “2018 IBM X-Force Threat Intelligence Index,” and insider threats are the cause of 60... Learn More
Building a better security culture
Everyone knows how crucial security is and how it must be embedded into everything an organisation does. A simple glance at the news provides details on the data breach of the day tied to an application security vulnerability. Take a stroll to the Information Security department and you’ll hear about the latest blunder an employee... Learn More
