Government, How To, Security and Security awareness

What is Cyber Security Awareness and Why is it Important?

IT Governance

MAY 27, 2021

For all the talk of criminal hacking, ransomware infections and the technologies to prevent them, the key to protecting your organisation is cyber security awareness training. If you’re wondering why your employees pose such a big risk and how staff awareness can protect you, we explain everything you need to know in this blog.

Security awareness

Security awareness IT Security GDPR

Bridging the Gap Between Security Awareness and Action

AIIM

DECEMBER 19, 2018

Information security is at the list of concerns (80% are “concerned” or “extremely concerned”). 43% of organizations see the information security and governance problem as “impossible” or “very difficult” to automate, creating competitive advantage for those organizations that can solve this riddle.

Security awareness

Security awareness e-Discovery Security Records Management

Upcoming webinar: Creating an effective cyber security awareness programme

IT Governance

DECEMBER 1, 2017

As hard as it is to believe, an organisation’s biggest security risk is often its own. 75% of large organisations suffered staff-related security breaches in , with 50% of the worst breaches caused by human error, according to a report published by Axelos. 7 February 2018: Staff awareness: developing a security culture.

Security awareness

Security awareness Security Compliance GDPR

Webinars

Generative AI Deep Dive: Advancing from Proof of Concept to Production

MORE WEBINARS

Data Governance Makes Data Security Less Scary

erwin

OCTOBER 31, 2019

The Regulatory Rationale for Integrating Data Management & Data Governance. Now, as Cybersecurity Awareness Month comes to a close – and ghosts and goblins roam the streets – we thought it a good time to resurrect some guidance on how data governance can make data security less scary. Where Are the Skeletons?

Government

Government Security Metadata Data breaches

ISO 27001 and Physical Security

IT Governance

MAY 15, 2024

Physical access control, physical security monitoring, CCTV, and more When we hear the term ‘information security’ – or, for that matter, ‘ISO 27001’ – our thoughts usually turn straight to cyber security. However, physical security is also an important aspect of information and data security.

Security

Security Information Security Access Cloud

CyberheistNews Vol 13 #13 [Eye Opener] How to Outsmart Sneaky AI-Based Phishing Attacks

KnowBe4

MARCH 28, 2023

CyberheistNews Vol 13 #13 | March 28th, 2023 [Eye Opener] How to Outsmart Sneaky AI-Based Phishing Attacks Users need to adapt to an evolving threat landscape in which attackers can use AI tools like ChatGPT to craft extremely convincing phishing emails, according to Matthew Tyson at CSO. "A Is the email enticing you to click on a link?'

Phishing

Phishing Security awareness Insurance Cybersecurity

How To Organize Your Company’s Knowledge Assets In 6 Simple Steps

AIIM

MAY 20, 2021

Step 3: Have Clear Corporate Data Security Policies. Step 5: Secure Valuable Knowledge. The third and final way to label your knowledge assets is through their security-related access levels. Data categorization primes you for the next step—data security policy formulation. You must secure it. Medium-value assets).

Sales

Sales Data breaches Marketing Access

Cyber security horror stories to scare you this Halloween

IT Governance

OCTOBER 26, 2021

This Sunday is both Halloween and the end of National Cyber Security Awareness Month – and what better way to mark the occasion than with some cyber security horror stories? But when it comes to cyber security, you can never be as sure that the person behind the mask is as benign. Stay safe with IT Governance.

Phishing

Phishing Security Ransomware Security awareness

What Is a SaaS Security Checklist? Tips & Free Template

eSecurity Planet

APRIL 9, 2024

SaaS security checklists are frameworks for protecting data and applications in cloud-based environments. They serve as benchmarks for upholding strong security requirements, evaluating existing tools, and assessing potential solutions. We’ve designed a customizable template to help you develop your own SaaS security checklist.

Security

Security Compliance Cybersecurity Communications

Security Outlook 2023: Cyber Warfare Expands Threats

eSecurity Planet

JANUARY 5, 2023

After a year that saw massive ransomware attacks and open cyber warfare, the biggest question in cybersecurity for 2023 will likely be how much of those attack techniques get commoditized and weaponized. Also read: SANS Outlines Critical Infrastructure Security Steps as Russia, U.S.

Security

Security Ransomware Cybersecurity Privacy

What are you doing for European Cyber Security Month?

IT Governance

OCTOBER 1, 2019

October is National Cyber Security Awareness Month , where people are encouraged to brush up on their everyday information security practices. What is European Cyber Security Month? Cyber Security Month is an EU awareness campaign that promotes cyber security in the workplace and at home.

Security

Security Security awareness Passwords Risk

How to document PCI DSS-compliant policies and procedures – with template example

IT Governance

OCTOBER 24, 2019

That’s why Requirement 12 of the PCI DSS (Payment Card Industry Data Security Standard) instructs organisations to implement policies and procedures to help staff manage risks. It provides a detailed outline of information security responsibilities for all staff, contractors, partners and third parties that access the CDE.

Security awareness

Security awareness Information Security Risk Data breaches

QR Codes: A Growing Security Problem

eSecurity Planet

FEBRUARY 21, 2022

Quick response (QR) codes are a convenient format for storing all kinds of information in a readable and secure way, at least when correctly implemented. With the ongoing COVID-19 pandemic, for example, governments have recently implemented QR codes to create Digital COVID Certificates for vaccination, tests status and other reasons.

Security

Security Encryption Authentication Phishing

Unlocking AI potential for CISOs: A framework for safe adoption

OpenText Information Management

MAY 6, 2024

AI is quickly becoming ubiquitous, which means CISOs must know how to manage, guide, and lead AI’s adoption. AI trends – what is the role of AI in the security market? As AI development and usage continue to evolve, the security landscape is bound to evolve with them. billion by 2030. is a resounding YES!

Artificial Intelligence

Artificial Intelligence Security awareness Security Risk

How to implement a GDPR staff awareness training programme

IT Governance

OCTOBER 29, 2018

one of the biggest cyber security threats is inside your organisation , there’s never been a better time to ensure your organisation has an effective GDPR staff awareness training programme in place. . How to deliver staff awareness training – seven top tips . 1) Consider your requirements .

GDPR

GDPR Compliance Security awareness Education

How to implement a GDPR staff awareness training programme

IT Governance

OCTOBER 29, 2018

one of the biggest cyber security threats is inside your organisation , there’s never been a better time to ensure your organisation has an effective GDPR staff awareness training programme in place. . How to deliver staff awareness training – seven top tips . 1) Consider your requirements .

GDPR

GDPR Compliance Security awareness Education

Weekly discussion podcast #13: Security in the Digital World

IT Governance

MAY 1, 2018

This week’s extract is taken from Graham Day’s book Security in the Digital World. This must-have guide features simple explanations, examples and advice to help you become security-aware in a developing digital world. Q: What useful task can you give children to teach them how to be responsible online?

Security

Security Security awareness Information Security Government

Best Cybersecurity Awareness Training for Employees in 2021

eSecurity Planet

JUNE 17, 2021

Back in the day, security training was largely reserved for IT security specialists and then extended to include IT personnel in general. These days, all employees need to be well educated in security best practices and good habits if the organization wishes to steer clear of ransomware and malware. Elevate Security.

Cybersecurity

Cybersecurity Security awareness Phishing Education

What Is API Security? Definition, Fundamentals, & Tips

eSecurity Planet

SEPTEMBER 8, 2023

Application programming interface (API) security is a combination of tools and best practices to secure the all-important connections between applications. API security protects data and back-end systems while preserving fluid communication between software components through strict protocols and access controls.

Security

Security Authentication Access Encryption

Author podcast: Security in the Digital World with Graham Day

IT Governance

OCTOBER 18, 2018

We caught up with Graham Day author of October’s book of the month, Security in the Digital World , to find out more. Learn how to protect yourself in the digital world. Learn how to protect yourself in the digital world. Keep your children safe when using the Internet.

Security

Security Security awareness Information Security Risk

SHARED INTEL: Microsoft discloses how the Nobelium hacking ring engages in routine phishing

The Last Watchdog

JUNE 28, 2021

Microsoft said it notified the targeted 150 organizations, which included “IT companies (57%), followed by government (20%), and smaller percentages for non-governmental organizations and think tanks, as well as financial services.” This group has been in business for a long time and has made a name for itself with its successes.

Phishing

Phishing Passwords Authentication Financial Services

Weekly discussion podcast: Security in the Digital World

IT Governance

MARCH 19, 2018

This week’s extract is taken from Graham Day’s book Security in the Digital World. This must-have guide features simple explanations, examples and advice to help you become security-aware in a developing digital world. Use the subject line ‘Security in the Digital World Competition’.

Security

Security Security awareness Passwords Information Security

Upcoming webinar: Staff awareness: developing a security culture

IT Governance

JANUARY 22, 2018

As industry experts, we are often asked how large an organisation’s security function should be. Building and maintaining this ‘culture of security’ is the only truly effective measure to address the human factor as part of your security threat prevention strategy. Our answer is: “As large as the organisation itself.”.

Security

Security Security awareness Government IT

Why you should train your staff to think securely

IT Governance

JUNE 21, 2018

Far too often, information security teams have only the broadest overview of the wider workings of their organisations. Other staff, meanwhile, tend to have little knowledge of or interest in information security practices, which they often believe have been designed to hinder their day-to-day work. How your staff help attackers.

Security

Security Security awareness Information Security Phishing

U.S. Security Agencies Warn About Russian Threat Gangs Amid Ukraine Tensions

eSecurity Planet

JANUARY 12, 2022

federal security agencies are putting companies on alert to potential threats from Russian state-sponsored cybercriminal groups, warning in particular about dangers to critical infrastructure and urging organizations to learn how to detect and protect against attacks. The joint cybersecurity advisory issued Jan.

Security

Security Passwords Cybersecurity Ransomware

Weekly discussion podcast #10: Security in the Digital World

IT Governance

APRIL 9, 2018

This week’s extract is taken from Graham Day’s book Security in the Digital World. This must-have guide features simple explanations, examples and advice to help you become security-aware in a developing digital world. Use the subject line ‘Security in the Digital World Competition’.

Security

Security Security awareness Information Security Government

Why Cybersecurity Pros Should Care About Governance

Getting Information Done

APRIL 18, 2017

Ultimately, the chief information security officer (CISO) needs to understand the information footprint across systems, determine the value/risk of loss, and protect against cyberattacks through the deployment of control activities, which are commensurate with the value/risk of these information systems.

Government

Government Cybersecurity Insurance Information governance

CyberheistNews Vol 13 #14 [Eyes on the Prize] How Crafty Cons Attempted a 36 Million Vendor Email Heist

KnowBe4

APRIL 4, 2023

But, according to security researchers at Abnormal Security, cybercriminals are becoming brazen and are taking their shots at very large prizes. According to Abnormal Security, nearly every aspect of the request looked legitimate. Get a look at THREE NEW FEATURES and see how easy it is to train and phish your users.

Phishing

Phishing Security awareness Cybersecurity Education

8 Tips for a Secure Cybersecurity Awareness Month

KnowBe4

OCTOBER 2, 2019

National Cybersecurity Awareness Month is the perfect time to think holistically about security awareness. National Cybersecurity Awareness Month (NCSAM) is well underway! A cybersecure workforce does not come from a one-and-done approach to teaching security best practices. How to Take Action? Protect It.,”

Cybersecurity

Cybersecurity Security Security awareness Phishing

ROUNDTABLE: Targeting the supply-chain: SolarWinds, then Mimecast and now UScellular

The Last Watchdog

FEBRUARY 3, 2021

21 disclosed how cybercriminals broke into its Customer Relationship Management (CRM) platform as a gateway to compromise the cell phones of an undisclosed number of the telecom giant’s customers. Andy Oehler, VP of Product Management, Zentry Security . The latest twist: mobile network operator UScellular on Jan.

Phishing

Phishing Access Authentication Passwords

Weekly discussion podcast #12: Security in the Digital World

IT Governance

APRIL 23, 2018

This week’s extract is taken from Graham Day’s book Security in the Digital World. This must-have guide features simple explanations, examples and advice to help you become security-aware in a developing digital world. Q: What is the authors’ number one tip for improving your Snapchat security?

Security

Security Security awareness Information Security Government

Weekly discussion podcast #9: Security in the Digital World

IT Governance

MARCH 26, 2018

This week’s extract is taken from Graham Day’s book Security in the Digital World. This must-have guide features simple explanations, examples and advice to help you become security-aware in a developing digital world. Use the subject line ‘Security in the Digital World Competition’.

Security

Security Security awareness Government Information Security

New SEC Rules Require Breach Disclosure within Four Days

eSecurity Planet

JULY 27, 2023

Securities and Exchange Commission this week announced new rules mandating the disclosure of cybersecurity incidents as well as ongoing risk management, strategy, and governance. “But breach notices are not security – and never will be.” “But breach notices are not security – and never will be.”

Data Privacy

Data Privacy Cybersecurity Risk Compliance

Weekly discussion podcast #11: Security in the Digital World

IT Governance

APRIL 16, 2018

This week’s extract is taken from Graham Day’s book Security in the Digital World. This must-have guide features simple explanations, examples and advice to help you become security-aware in a developing digital world. The impressive security functions of iPhones tend to be overlooked, or not fully understood by users.

Security

Security Security awareness Privacy Information Security

CyberheistNews Vol 13 #23 [Wake-Up Call] It's Time to Focus More on Preventing Spear Phishing

KnowBe4

JUNE 6, 2023

A new, HUGE, very important, fact has been gleaned by Barracuda Networks which should impact the way that EVERYONE does security awareness training. CONTINUED] at KnowBe4 blog: [link] [Live Demo] Ridiculously Easy Security Awareness Training and Phishing Old-school awareness training does not hack it anymore.

Phishing

Phishing Security awareness IT Passwords

CyberheistNews Vol 13 #27 [Heads Up] Massive Impersonation Phishing Campaign Imitates Over 100 Brands and Thousands of Domains

KnowBe4

JULY 5, 2023

But I don't think an attack of such magnitude as the one identified by security researchers at Internet security monitoring vendor Bolster. This latest impersonation campaign makes the case for ensuring users are vigilant when interacting with the web – something accomplished through continual Security Awareness Training.

Phishing

Phishing Security awareness Passwords Computer and Electronics

What VCs See Happening in Cybersecurity in 2023

eSecurity Planet

DECEMBER 7, 2022

Just today, security and compliance automation firm Drata announced a $200 million Series C funding round that brings the company’s valuation to $2 billion, doubling its $1 billion valuation from its Series B round last year. According to a recent Gartner survey, security is the top priority for CIOs. Where will the dollars go?

Cybersecurity

Cybersecurity Compliance Risk Ransomware

Two managers sacked, CEO fined following massive SingHealth data breach

IT Governance

JANUARY 29, 2019

Meanwhile, Security Incident Response Manager Ernest Tan “persistently held a mistaken understanding of what constituted a ‘security incident’” and when incidents needed to be reported. You can find out what those measures entail by reading our free guide: Nine ways to improve your security awareness programme.

Data breaches

Data breaches Security awareness Passwords Risk

Free resources to help you prevent and respond to data breaches

IT Governance

SEPTEMBER 20, 2018

The situation might seem hopeless, with cyber criminals outnumbering overworked and underfunded information security personnel, but there are plenty of ways you can improve your defences, even on a tight budget. This green paper explains each requirement and how you can comply. Green papers. Green papers.

Data breaches

Data breaches GDPR Security awareness Paper

CyberheistNews Vol 13 #08 [Heads Up] Reddit Is the Latest Victim of a Spear Phishing Attack Resulting in a Data Breach

KnowBe4

FEBRUARY 21, 2023

Employees play a role in organizational cybersecurity – Reddit mentions that "soon after being phished, the affected employee self-reported, and the security team responded quickly, removing the infiltrator's access and commencing an internal investigation." Blog post with links: [link] Are Your Users Making Risky Security Mistakes?

Phishing

Phishing Data breaches Security awareness Security

12 Data Loss Prevention Best Practices (+ Real Success Stories)

eSecurity Planet

APRIL 12, 2024

Explore some real-world instances below and discover when and how to use DLP procedures for optimal data security. Industry-specific rules: Check relevant regulations on a regular basis to verify data security compliance , and use DLP to protect sensitive data and reduce regulatory risks.

Encryption

Encryption Risk Data breaches Access

Microsoft, Google Among Tech Giants Pledging Big Money to Cybersecurity

eSecurity Planet

AUGUST 27, 2021

Some of the biggest names in tech are promising to spend more than $30 billion to bolster cybersecurity capabilities, from securing the supply chain and expanding the adoption of the zero trust model to growing the talent pool , ramping up security awareness and revamping parts of the National Institute of Standards and Technology (NIST) framework.

Cybersecurity

Cybersecurity Education Authentication Security awareness

Microsoft Unsure How Chinese Hackers Stole MSA Key to Breach U.S. Agencies

eSecurity Planet

JULY 18, 2023

Microsoft has hardened security following a Chinese hack of U.S. government agency email accounts, but some details remain a mystery. Even as the threat has passed, Microsoft officials are still analyzing how a Chinese threat group was able to access U.S. ” The attack, Microsoft says, has now been mitigated for all users.

Authentication

Authentication Access Phishing Government

Upcoming webinar: GDPR compliance: getting everyone in the organisation on board

IT Governance

JANUARY 10, 2018

Yet with little more than six months until the EU General Data Protection Regulation (GDPR) compliance deadline, organisations looking to achieve compliance will be required to create a shift in organisational culture to better support business objectives and tackle bad security habits.

GDPR

GDPR Compliance Security awareness Government

What is Cyber Security Awareness and Why is it Important?

Bridging the Gap Between Security Awareness and Action

Webinars

Trending Sources

Upcoming webinar: Creating an effective cyber security awareness programme

Webinars

Data Governance Makes Data Security Less Scary

ISO 27001 and Physical Security

CyberheistNews Vol 13 #13 [Eye Opener] How to Outsmart Sneaky AI-Based Phishing Attacks

How To Organize Your Company’s Knowledge Assets In 6 Simple Steps

Cyber security horror stories to scare you this Halloween

What Is a SaaS Security Checklist? Tips & Free Template

Security Outlook 2023: Cyber Warfare Expands Threats

What are you doing for European Cyber Security Month?

How to document PCI DSS-compliant policies and procedures – with template example

QR Codes: A Growing Security Problem

Unlocking AI potential for CISOs: A framework for safe adoption

How to implement a GDPR staff awareness training programme

How to implement a GDPR staff awareness training programme

Weekly discussion podcast #13: Security in the Digital World

Best Cybersecurity Awareness Training for Employees in 2021

What Is API Security? Definition, Fundamentals, & Tips

Author podcast: Security in the Digital World with Graham Day

SHARED INTEL: Microsoft discloses how the Nobelium hacking ring engages in routine phishing

Weekly discussion podcast: Security in the Digital World

Upcoming webinar: Staff awareness: developing a security culture

Why you should train your staff to think securely

U.S. Security Agencies Warn About Russian Threat Gangs Amid Ukraine Tensions

Weekly discussion podcast #10: Security in the Digital World

Why Cybersecurity Pros Should Care About Governance

CyberheistNews Vol 13 #14 [Eyes on the Prize] How Crafty Cons Attempted a 36 Million Vendor Email Heist

8 Tips for a Secure Cybersecurity Awareness Month

ROUNDTABLE: Targeting the supply-chain: SolarWinds, then Mimecast and now UScellular

Weekly discussion podcast #12: Security in the Digital World

Weekly discussion podcast #9: Security in the Digital World

New SEC Rules Require Breach Disclosure within Four Days

Weekly discussion podcast #11: Security in the Digital World

CyberheistNews Vol 13 #23 [Wake-Up Call] It's Time to Focus More on Preventing Spear Phishing

CyberheistNews Vol 13 #27 [Heads Up] Massive Impersonation Phishing Campaign Imitates Over 100 Brands and Thousands of Domains

What VCs See Happening in Cybersecurity in 2023

Two managers sacked, CEO fined following massive SingHealth data breach

Free resources to help you prevent and respond to data breaches

CyberheistNews Vol 13 #08 [Heads Up] Reddit Is the Latest Victim of a Spear Phishing Attack Resulting in a Data Breach

12 Data Loss Prevention Best Practices (+ Real Success Stories)

Microsoft, Google Among Tech Giants Pledging Big Money to Cybersecurity

Microsoft Unsure How Chinese Hackers Stole MSA Key to Breach U.S. Agencies

Upcoming webinar: GDPR compliance: getting everyone in the organisation on board

Stay Connected