Blog
The CybSafe blog is a collection of stories, updates and guidance for people-centric security professionals.
Post-pandemic, CISOs are overlooking an important cyber defence
Following COVID, no CybSafe employee will be bound to a physical office. Instead, CybSafe will be joining the growing list of organisations “working from anywhere”. Not temporarily. Permanently. And not “working from home”. Working from anywhere. Questions about office hours and moving overseas quickly begin. They showcase people’s excitement. But they also highlight an interesting point – For months now, most security professionals have been desperate to “secure remote workers”.
We thought we needed to secure remote workers. We were wrong.
Following COVID, no CybSafe employee will be bound to a physical office. Instead, CybSafe will be joining the growing list of organisations “working from anywhere”. Not temporarily. Permanently. And not “working from home”. Working from anywhere. Questions about office hours and moving overseas quickly begin. They showcase people’s excitement. But they also highlight an interesting point – For months now, most security professionals have been desperate to “secure remote workers”.
![[FREE] A beginner’s introduction to cyber security & the human aspect of cyber security](https://www.cybsafe.com/wp-content/uploads/2020/08/Screenshot-2020-08-06-at-11.52.05-400x250.png)
[FREE] A beginner’s introduction to cyber security & the human aspect of cyber security
This list of free (or cheap) resources is a good introduction to the world of cyber security and the human aspect of cyber security. It’s by no means exhaustive, covering only the most fundamental concepts. Nevertheless, it’s a great place to start for beginners and...
Zero-trust is up post-COVID-19, but you’d be wrong for thinking it will keep networks safe.
“Now a good chunk of your critical assets are behind the firewall, but all your employees are not.” That’s what NetMotion CEO Christopher Kenessey said recently. He was summarising the problem we’re all facing: All of a sudden, the working world has changed.
How to make sure remote workers learn security skills from others – Part 2
As we discussed in part one of this post, isolation restricts remote worker security. (Read part one here before continuing.) Remote workers can’t watch others. They rarely receive verbal feedback. And even if they did, remote workers tend to feel their environment prevents security – which limits their learning. That’s all proven to cap remote worker security. So what can you do about it?
Security awareness is dead. Long live borderless security awareness.
If we’re honest with ourselves, we’ve all known it for a long time. Posters. Compulsory e-learning. Seminars and desk-drops. They’re security awareness staples. And they’re now all, without question, ineffective. They’re designed to teach people about security. Just on our terms.
Does isolation restrict remote worker security? – Part 1
Research shows how “social learning” impacts security skills – and it says a lot about securing remote workers. Remote working is here to stay. And there are benefits. But when it comes to security, remote working poses a problem.
From 8th-12th of June 2020, PeepSec is back! Here’s what to expect…
From 8th-12th June 2020, the official London Tech Week event PeepSec is back! You can register to attend for free here. And there’s good reason to. In 2020, PeepSec is perhaps more relevant than it’s ever been before…
How to secure Zoom, Houseparty and other video conferencing apps
We can all take steps to increase the security of video conferencing apps. This guide explains how.
Why some people may take more security risks when working remotely
Our environments influence our behaviours, which means some people may take more security risks when working remotely.
Why I’m delighted with Forrester’s recognition of CybSafe
Independent Research Firm Forrester has named CybSafe a leader in its Security Awareness and Training Solutions report. According to CybSafe CEO Oz Alashe, it’s a big step towards keeping people and societies safe.
Six security essentials for those working from home
The COVID-19 outbreak is promoting remote working. Here’s how to minimise cyber risk when working from home.
Cyber criminals are using COVID-19 cover stories in new phishing attacks
Criminals are using COVID-19 stories to convince people to do things they’d never normally do.
Why we need new and better human cyber risk metrics
To make a difference as a security professional today, you need board support. You need resources. You need directors to trust and back you. You need organisational leaders to promote security.
Why do some organisations use two security awareness training solutions at once?
Why do some organisations often use two or more security awareness training solutions at once? That’s a question that grabbed our attention when it popped up on social recently. The comment highlighted the following security oddity…
What we learned at SABS4CYBER 2019 – Part 2 of 2
SABS4CYBER is an annual conference that shines a spotlight on social and behavioural sciences. More specifically, SABS4CYBER puts the people using social and behavioural science to solve security challenges into the spotlight.
What we learned at SABS4CYBER 2019 – Part 1 of 2
SABS4CYBER is an annual conference that shines a spotlight on social and behavioural sciences. More specifically, SABS4CYBER puts the people using social and behavioural science to solve security challenges into the spotlight.
What we learned at PeepSec 2019 – Part II
This is Part Two of a post reviewing key takeaways from PeepSec 2019. You can read Part One here. To access the free video recordings of every talk from PeepSec 2019, register here.
What we learned at PeepSec 2019 – Part I
Following its inauguration in 2018, PeepSec returned in 2019 to facilitate further discussion on the opportunities and issues born from the interactions between people and technology.
Using AI and machine learning to improve cyber defences and reduce human cyber risk
To understand how AI and machine learning can reduce cyber risk, it’s worth considering how a typical taxi journey will look in a few years time.Today, when you jump into a taxi, you’re greeted by a driver who might inquire into your preference of radio station and ask you one or two cursory questions while edging you towards your eventual destination.
Let’s punish phishing victims… er, you want to do what?!
There is a big, hairy elephant in the room when it comes to phishing: Many organisations believe that it’s okay, or right, or that they have no choice other than to punish people who repeatedly fail phishing simulations. Are they right? Before we answer that, let’s...