BLOG POSTS

Baiting, How Cybercriminals Exploit Human Nature:
Clever tactics known as baiting encourage employees to click on web links or plug in devices that can lead to catastrophic outcomes for your business.

For Security Awareness Training That Sticks, Remember Your ABCs: Attitude, behavior and cognition — these are the three “channels” of training you can tap into for better security awareness program results.

Using NIST’s Phish Scale to Optimize Employee Training:
Security teams need to be resourceful to get a handle on email phishing attacks. NIST’s Phish Scale is a resource that can help train employees to avoid these scams.

Teaching Good Security Behaviors with Seinfeld:
Security departments can use entertaining content to get employees more engaged in security awareness training.

Real Ransomware Risk vs. False Sense of Cybersecurity.
New survey data shows a troubling disconnect between security professionals’ confidence and their track record in beating ransomware. What gives?

Countering Synthetic Media Attacks With Security Policy
Scams That Digitally Impersonate People’s Voices And Likenesses Are Poised To Become The Next Wave Of Cyber Risk. How Should Employees Train Up?

Phishing from the Victim’s Perspective
Organizations Should Look At Email Security Risks Through Their Employees’ Eyes.

Cultivating Cyber Resilience Stewards: Motivating Users To Take An Active Role In Advancing Your Organization’s Cybersecurity Can Be Challenging. Gamifying Their Training Is A Promising Approach To Increasing Engagement

Security Awareness Training – Dealing with Repeat Clickers: How Do You Make Your Security Training More Successful? Focus On Employees Who Repeatedly Fall For Phishing Emails.

The Security Paradox – How Phishing Filters Can Make Your Organization Less Secure: Research Finds That Too Little Exposure To Phishing Emails Can Make Users More Susceptible To Them. The Key Is Finding The Right Cadence Of Simulated Phishing Campaigns.

To Raise User Security Awareness — Don’t Coddle Them: Attempting To Train Users By Exposing Them To Sample Phishing Emails Can Backfire If The Examples Used Are Too Easy To Detect.