Data, Security and Training - Information Management Today

Gamification Can Make Security Training Fun

Data Breach Today

JULY 24, 2023

Webhelp CISO on Interactive Tools for Cybersecurity Awareness Training In a bid to revolutionize information security training and make it more engaging and memorable for employees, Ivan Milenkovic, group CISO at WebHelp, advises firms to adopt gamification and interactive content in corporate training to make it more accessible and memorable for employees. (..)

Security

Security Information Security Cybersecurity Access

ISACA Generative AI Survey: Training Gaps, Focus on Security

Data Breach Today

DECEMBER 1, 2023

AI and Governance Expert Stresses Importance of Training for All Employees According to a recent pulse poll from ISACA on generative AI, only 6% of respondents' organizations are providing training to all staff on AI, and more than half - 54% - say that no AI training is provided at all, even to teams directly affected by AI.

Security

Security Government

KnowBe4 Buys Egress to Aid Awareness Training, Email Defense

Data Breach Today

APRIL 24, 2024

KnowBe4's First Deal Since 2021 Brings AI-Based Email Protection, Training Together KnowBe4 purchased an email security provider founded by a Check Point veteran to offer AI-based email protection and training that's automatically tailored relative to risk.

Cybersecurity

Cybersecurity Risk Security

Webinars

Peak Performance: Continuous Testing & Evaluation of LLM-Based Applications

MORE WEBINARS

Huntress Buys Security Training Provider Curricula for $22M

Data Breach Today

JULY 21, 2022

Huntress evaluated seven companies with security training tools and chose Curricula for its ease of use, manageability for smaller customers and enjoyable online learning experience.

Education

Education Security IT

Researchers devised an attack technique to extract ChatGPT training data

Security Affairs

DECEMBER 2, 2023

Researchers devised an attack technique that could have been used to trick ChatGPT into disclosing training data. A team of researchers from several universities and Google have demonstrated an attack technique against ChetGPT that allowed them to extract several megabytes of ChatGPT’s training data.

Paper

Paper Privacy IT Access

CISA Recommends Continuous Cybersecurity Training

KnowBe4

MARCH 21, 2024

In an age when 70% - 90% of successful data breaches involve social engineering (which gets past all other defenses), sufficient training is needed to best reduce human-side cybersecurity risk. Everyone should be trained in how to recognize social engineering attempts, how to mitigate (i.e., delete, ignore, etc.)

Cybersecurity

Cybersecurity Data breaches Risk Security awareness

Extracting GPT’s Training Data

Schneier on Security

NOVEMBER 30, 2023

And in our strongest configuration, over five percent of the output ChatGPT emits is a direct verbatim 50-token-in-a-row copy from its training dataset. This happens rather often when running our attack. Lots of details at the link and in the paper.

Paper

Paper Artificial Intelligence IT

Google AI Security Plan: Bug Bounty, Supply Chain Safety

Data Breach Today

OCTOBER 26, 2023

Google Makes Announcements on New Bug Reporting Guidelines, Supply Chain Security Security researchers with novel ways to make Google artificial intelligence models leak sensitive training data or otherwise misbehave can submit their findings to the internet giant's bug bounty program.

Artificial Intelligence

Artificial Intelligence Security IT

GUEST ESSAY: The case for using augmented reality (AR) and virtual reality (VR) to boost training

The Last Watchdog

JANUARY 9, 2024

Augmented reality (AR) and virtual reality (VR) technologies provide intriguing opportunities for immersive and interactive experiences in cybersecurity training. Related: GenAI’ impact on DevSecOps Here’s how these technologies can bridge learning gaps in cybersecurity awareness and enhance the overall training experience.

Cybersecurity

Cybersecurity Risk Access Marketing

FTC Chair Asserts Certain Sensitive Data Should Be Excluded from Training AI Models

Hunton Privacy

MARCH 11, 2024

As reported by Bloomberg Law , on February 27, 2024, at RemedyFest, a conference hosted by Bloomberg Beta and Y Combinator, Federal Trade Commission Chair Lina Khan said that sensitive personal data that is linked to health, geolocation and web browsing history should be excluded from training artificial intelligence (“AI”) models.

Artificial Intelligence

Artificial Intelligence Personal data Privacy Security

Why User Awareness Training Misses the Mark

Data Breach Today

JUNE 13, 2022

Oz Alashe, CEO of CybSafe, Discusses New Approaches to Changing User Behavior A great deal of awareness training has been offered to users - including phishing simulations - but none of it seems to have led to a significant change in their poor security behaviors and decision-making skills, says Oz Alashe, CEO of CybSafe.

Phishing

Phishing Security IT

API Flaws Put AI Models at Risk of Data Poisoning

Data Breach Today

DECEMBER 5, 2023

Hugging Face Fixes Flaw; Meta, Other Tech Giants Revoke Vulnerable Tokens Security researchers could access and modify an artificial intelligence code generation model developed by Facebook after scanning for API access tokens on AI developer platform Hugging Face and code repository GitHub.

Artificial Intelligence

Artificial Intelligence Risk Access Security

GUEST ESSAY: Sure steps to achieve a robust employee cybersecurity awareness training regimen

The Last Watchdog

OCTOBER 24, 2022

Employee security awareness is the most important defense against data breaches. Related: Leveraging security standards to protect your company. It involves regularly changing passwords and inventorying sensitive data. There are several ways you can protect your business from data breaches.

Cybersecurity

Cybersecurity Security awareness Passwords Data breaches

Sexual Harassment Prevention Training from…KnowBe4?

KnowBe4

DECEMBER 4, 2023

When you think of KnowBe4, you probably think of phishing training, good password hygiene modules, security awareness, or maybe even data protection compliance such as GDPR.

Security awareness

Security awareness GDPR Phishing Compliance

Reinventing Security Awareness Training

Data Breach Today

JUNE 18, 2019

Want to improve how your organization delivers and absorbs security awareness training? Then it comes down to reinventing your approach, including gamification, says Barracuda's Michael Flouton.

Security awareness

Security awareness Security IT

Zoom trains its AI model with some user data, without giving them an opt-out option

Security Affairs

AUGUST 7, 2023

Zoom changed its terms of service requiring users to allow AI to train on all their data without giving them an opt-out option. Zoom updated its terms of service and informed users that it will train its artificial intelligence models using some of its data. Service Generated Data; Consent to Use. “ 10.2

Artificial Intelligence

Artificial Intelligence IT Privacy Data collection

Security Training: Moving on from Nick Burns Through Better Communication

eSecurity Planet

AUGUST 22, 2022

A recent experience highlighted that security awareness training and most alerts to users about unsafe practices may be making the error of being too general. An alert came in one morning about a security alert generated by my device. It contained no data about what I had done, what email or website, or when this happened.

Communications

Communications Security awareness Security Cybersecurity

OpenAI Is Not Training on Your Dropbox Documents—Today

Schneier on Security

DECEMBER 19, 2023

There’s a rumor flying around the Internet that OpenAI is training foundation models on your Dropbox documents. A society where big companies tell blatant lies about how they are handling our data—and get away with it without consequences—is a very unhealthy society. ” These foundation models want our data.

Privacy

Privacy GDPR Risk Government

ISACA Security Survey 2023: Technical Skills Gaps, Budgeting

Data Breach Today

OCTOBER 6, 2023

ISACA's Jon Brandt Discusses Threat Trends, Hiring Challenges, New Opportunities What kinds of training do security professionals need?

Security

Security Cloud Cybersecurity

Hack The Box Raises $55M to Bolster Cyber Training Platform

Data Breach Today

JANUARY 12, 2023

Startup Wants to Add More Cloud, Defender-Related Material to Its Training Platform Hack The Box has completed a Series B funding round to add more cloud security and a gamification approach to its cybersecurity training platform.

Cloud

Cloud Cybersecurity Security IT

Manipulating Machine-Learning Systems through the Order of the Training Data

Schneier on Security

MAY 25, 2022

Yet another adversarial ML attack: Most deep neural networks are trained by stochastic gradient descent. Now “stochastic” is a fancy Greek word for “random”; it means that the training data are fed into the model in random order. So what happens if the bad guys can cause the order to be not random?

Paper

Paper IT Security

IBM and TechD partner to securely share data and power insights with gen AI

IBM Big Data Hub

APRIL 16, 2024

As technology expands, at TechD , we know that the quality of generative AI (gen AI) depends on accurate data sourcing. A reliable and trustworthy data source is essential for sharing information across departments. This addresses data management, conversational interface and natural language processing needs with efficiency.

Security

Security Unstructured data Retail Analytics

News alert: Massachusetts pumps $1.1 million into state college cybersecurity training programs

The Last Watchdog

OCTOBER 5, 2023

5, 2023 – Today, the Healey-Driscoll Administration kicked off Cybersecurity Month in Massachusetts with the announcement of $1,136,911 in funding to develop a new cybersecurity training center at MassBay Community College and support the existing center at Bridgewater State University. Worcester, Mass.,

Cybersecurity

Cybersecurity Education Government Security

Google Is Using Its Vast Data Stores to Train AI

Schneier on Security

JULY 12, 2023

No surprise, but Google just changed its privacy policy to reflect broader uses of all the surveillance data it has captured over the years: Research and development : Google uses information to improve our services and to develop new products, features and technologies that benefit our users and the public.

IT

IT Privacy Cloud Data collection

Facebook Trains Its AI on Your Data. Opting Out May Be Futile

WIRED Threat Level

SEPTEMBER 7, 2023

Here's how to request that your personal information not be used to train Meta's AI model. "Request" is the operative word here.

IT

IT Security

How to Stop Your Data From Being Used to Train AI

WIRED Threat Level

APRIL 10, 2024

Some companies let you opt out of allowing your content to be used for generative AI. Here’s how to take back (at least a little) control from ChatGPT, Google’s Gemini, and more.

Artificial Intelligence

Artificial Intelligence Privacy Security

Security Compliance & Data Privacy Regulations

eSecurity Planet

AUGUST 9, 2022

Regulatory compliance and data privacy issues have long been an IT security nightmare. And since the EU’s General Data Protection Regulation (GDPR) took effect May 25, 2018, IT compliance issues have been at the forefront of corporate concerns. GDPR-style data privacy laws came to the U.S.

Data Privacy

Data Privacy Compliance Privacy Security

What Is a Good Survey Rating for Security and Compliance Training?

KnowBe4

FEBRUARY 22, 2023

We received great feedback from many of you after sharing data about completion percentages last month so much that we thought, “What other things can we share from our vast amount of training data?”

Compliance

Compliance Security

Tips for Gamifying Your Cybersecurity Awareness Training Program

Security Affairs

NOVEMBER 29, 2022

According to one report , 82% of data breaches involved the human element, from social attacks to misuse of technologies. These errors are not always entirely preventable, as some level of human error is inevitable, but proper training in cybersecurity awareness can greatly decrease the likelihood of human mistakes leading to data breaches.

Cybersecurity

Cybersecurity Data breaches Education Phishing

GUEST ESSAY: A call to blur the lines between cybersecurity training, up-skilling and higher ed

The Last Watchdog

APRIL 26, 2022

Related: Cultivating ‘human sensors’ They may not entirely realize that when compounded, these two concerns could pose a critical security threat for their organization. Losing the security talent that they do have to what has been called the Great Resignation. Today, there are more paths into cybersecurity than ever.

Cybersecurity

Cybersecurity Education Communications Security

12 Data Loss Prevention Best Practices (+ Real Success Stories)

eSecurity Planet

APRIL 12, 2024

Data loss prevention (DLP) best practices are principles that help prevent intentional or unintentional data erasure. By following these guidelines, organizations can reduce the detrimental impact of data loss and quickly resume operations after an incident. Proofpoint’s 2024 data loss landscape report reveals 84.7%

Encryption

Encryption Risk Data breaches Access

The False Economy of Deprioritising Security

IT Governance

MARCH 20, 2024

In the UK, cyber security has been dropping down the board’s list of priorities. The UK government’s Cyber Security Breaches Survey 2023 confirms this trend. Fewer directors, trustees and other senior managers of both UK businesses and charities see cyber security as a high priority in 2023 compared to 2022. Specifically, a 13.4%

Security

Security Data breaches Government Insurance

One-Third of Users Without Security Awareness Training Click on Phishing URLs

Dark Reading

JULY 12, 2022

New data from security training provider shows half of untrained users in consulting, energy, and healthcare industries fall for phishing attacks.

Security awareness

Security awareness Phishing Security

GUEST ESSAY: What it will take to train the next generation of cybersecurity analysts

The Last Watchdog

OCTOBER 4, 2021

It is no secret that there is, and has been for some time, a shortage of trained cyber security professionals in corporate IT Security teams. The cyber security talent crunch has been a growing issue for many years now. million unfilled cyber security jobs globally by 2021. Growing need.

Cybersecurity

Cybersecurity IT Analytics Education

Cybersecurity Training and Tech Aren’t Enough; ‘Culture Change’ Needed

eSecurity Planet

AUGUST 8, 2022

Companies spend a staggering amount of money on cybersecurity products to defend their networks and data from hackers, but a couple of industry pros say that money is wasted if companies don’t change their internal cybersecurity culture. Also read: Best Cybersecurity Awareness Training for Employees. trillion by 2025. “Now

Cybersecurity

Cybersecurity Communications Security Security awareness

3 reasons cyber security training is essential

IT Governance

OCTOBER 31, 2018

Organisations are always looking for ways to improve their cyber security defences, but they often overlook the value of enrolling their employees on cyber security training courses. Here are three reasons to consider it: Reduce the risk of data breaches. Meet compliance requirements. Career growth.

Security

Security GDPR Information Security Data breaches

3 reasons cyber security training is essential

IT Governance

OCTOBER 31, 2018

Organisations are always looking for ways to improve their cyber security defences, but they often overlook the value of enrolling their employees on cyber security training courses. Here are three reasons to consider it: Reduce the risk of data breaches. Meet compliance requirements. Career growth.

Security

Security GDPR Information Security Data breaches

Network Security Architecture: Best Practices & Tools

eSecurity Planet

APRIL 26, 2024

Network security architecture is a strategy that provides formal processes to design robust and secure networks. Effective implementation improves data throughput, system reliability, and overall security for any organization. or segregated as cloud or network attached storage (NAS).

Top security challenges and how to overcome them: Employee training

Jamf

APRIL 13, 2023

Discover the top challenges affecting organizations when it comes to training employees on cybersecurity threats, including implementing an ongoing program that comprehensively addresses risks to endpoints, users and data.

Security

Security Cybersecurity Risk IT

Ways to Develop a Cybersecurity Training Program for Employees

Security Affairs

APRIL 15, 2022

Cybersecurity experts would have you believe that your organization’s employees have a crucial role in bolstering or damaging your company’s security initiatives. According to another study by CybSafe, human errors have been responsible for over 90% of data breaches in 2020. Customize Your Security Training.

Cybersecurity

Cybersecurity Data Privacy Data breaches Privacy

Expert Insights: How to Protect Sensitive Machine-Learning Training Data Without Borking It

Dark Reading

OCTOBER 4, 2022

Another element of ML security is the data used to train the machine learning system itself.

IT

IT Security

Cisco Duo warns telephony supplier data breach exposed MFA SMS logs

Security Affairs

APRIL 15, 2024

Cisco Duo warns that a data breach involving one of its telephony suppliers exposed multifactor authentication (MFA) messages sent by the company via SMS and VOIP to its customers. The security breach occurred on April 1, 2024, the threat actors used a Provider employee’s credentials that illicitly obtained through a phishing attack.

Data breaches

Data breaches Metadata Authentication Phishing

MY TAKE: Why email security desperately needs retooling in this post-Covid 19, GenAI era

The Last Watchdog

APRIL 2, 2024

It’s a digital swindle as old as the internet itself, and yet, as the data tells us, the vast majority of security incidents are still rooted in the low-tech art of social engineering. Related: AI makes scam email look real Fresh evidence comes from Mimecast’s “The State of Email and Collaboration Security” 2024 report.

Security

Security Communications Risk Phishing

Live Webinar | Software Security: Prescriptive vs. Descriptive

Data Breach Today

APRIL 16, 2021

Effective software security means enabling the development team with the tools and training it needs to fix what they find. Join this session to find out best practices in remediating software vulnerabilities in smart ways.

Security

Security IT

Gamification Can Make Security Training Fun

ISACA Generative AI Survey: Training Gaps, Focus on Security

Webinars

Trending Sources

KnowBe4 Buys Egress to Aid Awareness Training, Email Defense

Webinars

Huntress Buys Security Training Provider Curricula for $22M

Researchers devised an attack technique to extract ChatGPT training data

CISA Recommends Continuous Cybersecurity Training

Extracting GPT’s Training Data

Google AI Security Plan: Bug Bounty, Supply Chain Safety

GUEST ESSAY: The case for using augmented reality (AR) and virtual reality (VR) to boost training

FTC Chair Asserts Certain Sensitive Data Should Be Excluded from Training AI Models

Why User Awareness Training Misses the Mark

API Flaws Put AI Models at Risk of Data Poisoning

GUEST ESSAY: Sure steps to achieve a robust employee cybersecurity awareness training regimen

Sexual Harassment Prevention Training from…KnowBe4?

Reinventing Security Awareness Training

Zoom trains its AI model with some user data, without giving them an opt-out option

Security Training: Moving on from Nick Burns Through Better Communication

OpenAI Is Not Training on Your Dropbox Documents—Today

ISACA Security Survey 2023: Technical Skills Gaps, Budgeting

Hack The Box Raises $55M to Bolster Cyber Training Platform

Manipulating Machine-Learning Systems through the Order of the Training Data

IBM and TechD partner to securely share data and power insights with gen AI

News alert: Massachusetts pumps $1.1 million into state college cybersecurity training programs

Google Is Using Its Vast Data Stores to Train AI

Facebook Trains Its AI on Your Data. Opting Out May Be Futile

How to Stop Your Data From Being Used to Train AI

Security Compliance & Data Privacy Regulations

What Is a Good Survey Rating for Security and Compliance Training?

Tips for Gamifying Your Cybersecurity Awareness Training Program

GUEST ESSAY: A call to blur the lines between cybersecurity training, up-skilling and higher ed

12 Data Loss Prevention Best Practices (+ Real Success Stories)

The False Economy of Deprioritising Security

One-Third of Users Without Security Awareness Training Click on Phishing URLs

GUEST ESSAY: What it will take to train the next generation of cybersecurity analysts

Cybersecurity Training and Tech Aren’t Enough; ‘Culture Change’ Needed

3 reasons cyber security training is essential

3 reasons cyber security training is essential

Network Security Architecture: Best Practices & Tools

Top security challenges and how to overcome them: Employee training

Ways to Develop a Cybersecurity Training Program for Employees

Expert Insights: How to Protect Sensitive Machine-Learning Training Data Without Borking It

Cisco Duo warns telephony supplier data breach exposed MFA SMS logs

MY TAKE: Why email security desperately needs retooling in this post-Covid 19, GenAI era

Live Webinar | Software Security: Prescriptive vs. Descriptive

Stay Connected