Why Security Awareness Does Not Work and What to Do Instead
It is no secret that phishing has become a huge problem. The current Phishing and Email Fraud Statistics 2019 are: The average financial cost of a data breach is $3.86m (IBM) Phishing accounts for 90% of data breaches 15% of people successfully phished will be targeted at least one more time within the year BEC... Learn More
Security Awareness Training is ineffective!
With an ever-increasing amount of cyber-attacks being undertaken and staff pressures increasing which often leading to human errors, we need to look differently at Security Awareness Training. I am sure that there is one thing all security experts should be able to agree upon, and that is that the vast majority of security awareness training... Learn More
Get the budget you need, not the one you deserve.
Without strong metrics that matter to the business, security awareness programs will continue to be the “bastard child of security”. We all know how little budget security gets, and of that, security awareness programs often achieve a minimalistic amount. Security Awareness programs are an essential component of any good security program, yet they rarely get... Learn More
How Aussie MSPs teach cybersecurity
For many channel partners, such as VARs and MSPs, cybersecurity-awareness training is a first stop in their quest to harden their customers’ networks against attack. That’s because the human element is most difficult to counter and presents the greatest risk to corporate assets. Obliviously clicking a single rogue email can shutter a company. But once... Learn More
Really? .. That’s your password!
It may be funny, but too many people don’t put serious effort into their passwords. Businesses can protect themselves against cyber threats by having all the latest and greatest layers of protection, such as unified threat management (UTM) appliances, endpoint protection and even strict security policies. But the biggest threat to businesses remains relatively unaddressed!... Learn More
Here’s how to defend yourself online
Online scams and attacks are surging and growing more sophisticated, conning thousands of people and companies out of millions of dollars. How to detect and avoid online scams Digital technology, social media and email have changed the world in the way we all communicate as it provides such great access to people and such detailed... Learn More
Conscious vs. Unconscious – the determinants of security behaviour
Introduction Have you ever wondered why you still fall for simple social engineer attack, even after you have undertaken a comprehensive security awareness training program that looks at cyber security behaviour? Even more interesting, why can you identify the errors within a phishing email in a training course, yet still fall for the exact same... Learn More
A habitually funny story
I was running a security awareness training session for some executives of one of our customers recently, when I put up on the projector, a sample phishing email. I asked the room to identify the errors within the email that would suggest it was a malicious phishing email. To the credit of the executives within... Learn More
Shadow IT Risks and How to Mitigate Them
Let’s assume that you decide to do some extra work at home. You build a database to address a company issue, put company data, customer information or just some innocuous information on your personal device to be more efficient at work. Maybe you even upload it into Google Drive or Dropbox for easier accessibility. This... Learn More
“FINAL WARNING” email – have they really hacked your webcam?
Sextortion is back! In fact, it never went away. Some of us get dozens of sextortion scam emails every month to our work and personal accounts, demanding us to PAY MONEY OR ELSE!! In the crime of sextortion, the “OR ELSE” part is a threat to release a video of a sexual nature in... Learn More
