Tag: Behavioural Change
Let’s be open about phishing
This article is taken from our white paper, ‘Your people and your risks: finding balance in the new normal’, in which we take a step back and look at how the behavioural landscape has shifted so dramatically over the last year. In this extract, we apply this approach to a concern common to all cybersecurity […]
The new normal. What the old normal should have been?
The COVID-19 pandemic is an opportunity to regroup – four areas to consider. In his fascinating book ‘I’m afraid Debbie from Marketing has left for the day’*, Morten Münster explains that when it comes to decision making, the human brain has two systems. System one: fast, automatic, uncontrolled, subconscious, intuitive. System two: slow, reflective, controlled, […]
Why do people make mistakes?
TSC’s sister organisation, the Security Awareness Special Interest Group (SASIG) connects cybersecurity professionals from all areas. We invite SASIG Supporters to share their cybersecurity insights in The Insider. In this piece, we review a report from machine learning email security company Tessian, delving into human error, the reasons why it happens and how to minimise […]
6 reasons your behavioural change plan failed
Or…why behavioural change plans fail to engage and inspire change with your employees. The best laid plans never survive contact with the enemy – so says the military man. Of course, a behavioural change plan for transforming your security culture starts from an altogether more positive place. After all, your staff aren’t your enemy (and […]
3 reasons to consider gamification as part of your information security programme
What is gamification? Gamification is the application of gaming techniques and elements to any non-gaming environment. It can be applied to learning and development situations, marketing, recruitment and even our own health regimes (known as ‘exergaming’ – think Fitbit and associated challenges within the software). Across gamification models, typical game-playing elements include point scoring, competition […]
A CISO’s guide to: creative employee awareness campaigns
Comms campaigns may not be your forte, so take a leaf from the Internal Communication handbook to get your message across. “What we’ve got here is failure to communicate.” The Captain, “Cool Hand Luke”. This line from Donn Pearce’s Cool Hand Luke – the story of a recalcitrant southern states prisoner and 1967 film starring […]
3 types of insider threat and what to do about them
Updated 06 October ’20. Many companies take careful measures to protect their critical assets from external risks, but they often remain vulnerable to insider threats. The latest Verizon Data Breach Investigations Report (DBIR) 2020 shows that 70% of cyber attacks were perpetrated by outsiders, such as organised criminal groups. This has remained fairly consistent over […]