Technological progress has always been a double-edged sword empowering organizations of all sizes to digitalize their processes but also creating room for multiple types of hacking attacks and scams. In order to manage this tension and leverage online assets such as websites, email, and third-party applications, it’s necessary to think [...]
Remote working is great – but it presents security challenges that have to be addressed. The modern workplace is markedly different from the 9-5 equivalent of even 15 years ago. Mature businesses offer a variety of schemes to entice information workers into challenging jobs and provide hours that [...]
Social engineering–the use of psychological manipulation to gain and abuse the trust of humans. Social engineers have long taken advantage of human emotions. It’s how they’re able to convince people to divulge sensitive information or provide access to controlled areas of buildings and offices. The tactics that scammers use have been [...]
IT security and cybersecurity policies are all the rage these days, and rightfully so. However, an IT security policy alone does not guarantee effective security within an organization. Responsible organizations understand that the onus is on them to communicate the elements of their security policies to their employees in an [...]
June is National Internet Safety Month! How have you been celebrating? We recommend re-evaluating your technology, updating passwords, cleaning up your files, and spreading cyber awareness to your community! National Internet Safety Month is in it’s last two weeks. But just because it’s winding down doesn’t mean you can let [...]
For years, security experts have recommended complexity as a measure of strength. Your password should contain double-digit characters. Your password should contain symbols, numbers, and letters. Your password should utilize upper and lowercase letters. Shuffle in some randomness, change them periodically and finally, your password passes the minimal requirements of [...]
The Verizon Data Breach Investigation Report returns for an 11th straight year. In this edition, the study includes over 53,000 incidents and 2,216 confirmed data breaches sourced from multiple data contributors. We encourage you to download it for yourself and read it cover to cover. Please note that all statistics [...]
The FBI defines business email compromise (BEC, and sometimes called CEO fraud) as a “sophisticated scam targeting businesses working with foreign suppliers and/or businesses that regularly perform wire transfer payments. The E-mail Account Compromise (EAC) component of BEC targets individuals that perform wire transfer payments.” From October 2013 to December [...]
The healthcare industry is one of the top targets for cybercriminals, but it’s not alone. Insurance companies, financial firms, universities and schools, social media and online commerce companies are all at risk and, therefore, have regulations they must adhere to. Basically, if a company or organization handles any personally identifiable [...]
How do you measure the success of your security awareness program (SAP)? Even with metrics and testing, the numbers only tell us when and if employees have completed training. Not if the training had a positive impact on an organization’s efforts to prevent breaches or data leaks. Not if it [...]
