Tag: Employee Security Awareness
The new normal. What the old normal should have been?
The COVID-19 pandemic is an opportunity to regroup – four areas to consider. In his fascinating book ‘I’m afraid Debbie from Marketing has left for the day’*, Morten Münster explains that when it comes to decision making, the human brain has two systems: System one: fast, automatic, uncontrolled, subconscious, intuitive System two: slow, reflective, controlled, […]Read More
Phishing: Big phish, little phish
Landing just one phish can be disastrous. How many times have you heard that it only takes one phishing email to cause damage? That’s because it really does only take one. One email to an employee. One click on a link. One fake website. One password entered. One very happy criminal. What is a ‘typical’ […]Read More
Let’s wrap it up!
An infosec review of 2019. Lauren Groom looks back over the infosec year and the five key lessons we learned going in to 2020 Throughout 2019 we saw high profile information security incidents and events, from accidental data breaches to ransomware. The threat to Internet of Things (IoT) devices has continued to increase, and phishing […]Read More
Owning your digital footprint
Take control before someone else does. Complementing her previous article on the company’s digital footprint, Rachael West explains threats to your personal digital footprint and how you can own and protect it. Have you ever Googled yourself? You may be surprised by what information you can find about yourself just from a simple online search. […]Read More
Owning your company’s digital footprint
Your organisation’s credentials are out there for all to see. Marketing messages, business statements, company information and everything written, posted or downloaded leaves a permanent trace in cyberspace. This is your organisation’s digital footprint. It is your online identity, made up of your unique set of traceable online activities, communications and information. Everything that goes […]Read More
Reaching parts other information security awareness programmes cannot reach
Show the value of good information security behaviour. The number of people in your Information Security team equals the number of employees in the business. In which case, you may have a lot of people to make aware of good information security behaviour. And while bringing in technology (often at eye-watering cost) reduces risks and […]Read More
Diary of an IoT hacker: I know what you ate last Sunday
I spy with my little eye, something beginning with ‘R’… 13:31 – Roast potatoes, with chicken, broccoli, carrots – but no gravy. That was John’s first mistake. But not his last. I am sure he is called John, at least that’s what I remember his wife calling him. Watching him cook is like an episode […]Read More
Why do employees avoid reading policies?
To read or not to read, that is the question. So, what is the answer? Well, it often depends on who you ask. For the policymakers and leaders of an organisation, the answer is an emphatic ’read’. But, on asking an employee whether they have read the company policies, the answer is more likely to […]Read More
Is it time to rethink the term Insider Threat ?
Cloud administrators: A new Insider Threat Stephen Hawking was once asked whether we should be intentionally advertising our presence in the cosmos. Fearful of malevolent extra-terrestrials, Hawking suggested keeping quiet might be our best option. Unfortunately, this warning arrived a little late, as we have been advertising our presence, intentionally or not, for almost a […]Read More