People: Security Asset or Liability?

Posted on June 5, 2017 by Admin

In the security world, people get a bad rap.

And it’s not hard to see why. Between social engineering, insider threats, and straight up human error, there are plenty of ways for your users to put the organization at risk.

In fact, according to many reputable sources, human error is the single greatest cause of data breaches.

So why, then, when we look at the average organization’s security budget, do we see so little attributed to security training? After all, budgets are supposed to be


Posted in Cybersecurity, Information Security, Security Awareness Training, Social Engineering

Cyber Hygiene: Getting the Basics Right

Posted on May 9, 2017 by Admin

If your organization takes cyber security seriously, you’ve probably been looking at all sorts of ways to keep the bad guys out.

The trouble is, there are so many different things to think about. A quick walk around a security conference like BlackHat or Infosec will have your mind reeling at the sheer range of options, from advanced threat intelligence and malware analysis to next generation firewalls and endpoint security.

But here’s the thing. The single most damaging thing most


Posted in Cybersecurity

How to Lay the Groundwork for Powerful Cybersecurity

Posted on February 14, 2017 by kellyk

There’s a tendency in the world of cybersecurity to skip over the foundations and move directly to technical solutions. 

Organizations allocate huge sums to threat intelligence or detailed security analytics without performing foundational security practices that help identify how to allocate resources.

To ensure this doesn’t happen to your organization, it is essential to lay the proper groundwork for your cybersecurity initiative.


Where It All Starts: IT GRC

For those who aren’t aware,


Posted in Cybersecurity

How to Secure Your Organization against Cyber-Attacks (Even If You Have No Idea Where to Start)

Posted on January 19, 2017 by kellyk

With cyber-attacks reaching new heights year after year, organizations all over the world are starting to make security a top priority.

You are likely feeling the pressure to do something, but where should you start?

After all, there are so many security products on the market. From endpoint security and threat intelligence to multi-factor authentication and high-end training, the options seem limitless… and there’s no clear progression from start to finish.

In the coming weeks, we’ll be


Posted in Cybersecurity, Information Security

How to Combat Phishing with Email Security Awareness Training

Posted on December 15, 2016 by kellyk

Let’s face it. Email is always a threat.

So, naturally, you do everything to keep your users (and your network) safe. Your preventative measures are constantly being tested and improved, but still, your users are faced with malicious emails in their inboxes every single day.

And it gets worse. According to recent reports, one in every five spear phishing emails sent results in an opened link or attachment. With zero-day exploits being discovered at roughly the rate of one per month, that


Posted in Information Security, Security Awareness Training

Avoid a Security Training Rut

Posted on November 30, 2016 by kellyk

Stephen Wyles, Information Security Analyst

It’s easy to inadvertently create a rut when conducting any repetitive task. Just as is the case with all training, when it comes to security, it’s important to create and repeat training that keeps employees alert and aware of the latest tactics used by attackers to gain access to sensitive information, systems, and facilities. But why is this important? Why do your employees need security training? And why should you care about a training rut?



Posted in Cybersecurity, Information Security, Security Awareness Training

How to Avoid Data Breaches with Mobile Security Awareness Training

Posted on November 21, 2016 by kellyk

Let’s face it. Mobile security is terrifying for system administrators.

Back in the old days, you always had the option of shutting down your network to prevent or limit the amount of damage.

You knew the physical location of every device, and the proverbial ‘big red switch’ could take every one of them offline.

But now…

Nearly every one of your employees has a company smartphone in their pocket. You can’t easily take them offline, you don’t know where they are, and who knows what they’re


Posted in Information Security, Security Awareness Training

How to Keep Your Employees Safe with Social Media Security Training

Posted on October 20, 2016 by kellyk

When it comes to security awareness training, there don't tend to be too many surprises.

Most people know there are dangers associated with email, web browsing, and physical security.

But social media is a bit different.

Over the past decade, social media has revolutionized communication. People are connecting with forgotten friends, long lost family, and classmates from decades past.

So for most people, social media is no more than a tool for leisure and communication. They have no idea


Posted in Information Security, Security Awareness Training, Social Engineering

Training Your Employees to Stay Safe on the Internet

Posted on October 4, 2016 by kellyk

Perhaps unsurprisingly, Internet security has taken a bit of a back seat in recent years.

With the rise of more direct attack vectors such as phishing, organizations seem to feel that the ‘old fashioned’ threat of malicious websites should be lower on their priority list. And that’s understandable… but not advisable.

In fact, with phishing getting all the headlines, it’s easy to forget that unsuspecting employees can easily introduce serious threats such as ransomware into your network just


Posted in Information Security, Security Awareness Training

How to Change Employee Behaviors with Information Security Training

Posted on September 29, 2016 by kellyk

Losing sensitive information has never been a good idea.

But with data protection regulators all over the world starting to find their teeth, now is a really bad time.

Organizations are facing not only bad publicity and loss of business but also huge fines if they’re found to have been negligent in protecting data from theft or loss.

But unfortunately, from time to time, even senior staff members do ridiculous things with data. And whether it’s leaving company laptops in cafes, or


Posted in Information Security, Security Awareness Training

Test de Penetrare, Scanare de Vulnerabilitati, MoldovaTeste de Penetrare, Scanari de Vulnerabilitati, Moldova