Blog
What we learned at PeepSec 2019 – Part II
Reading Time: 5 minutes Following its inauguration in 2018, PeepSec returned in 2019 to facilitate further discussion on the opportunities and issues born from the interactions between people and technology.
What we learned at PeepSec 2019 – Part I
Reading Time: 3 minutes Following its inauguration in 2018, PeepSec returned in 2019 to facilitate further discussion on the opportunities and issues born from the interactions between people and technology.
Using AI and machine learning to improve cyber defences and reduce human cyber risk
Reading Time: 3 minutes To understand how AI and machine learning can reduce cyber risk, it’s worth considering how a typical taxi journey will look in a few years time.Today, when you jump into a taxi, you’re greeted by a driver who might inquire into your preference of radio station and ask you one or two cursory questions while edging you towards your eventual destination.
Let’s punish phishing victims… er, you want to do what?!
There is a big, hairy elephant in the room when it comes to phishing: Many organisations believe that it’s okay, or right, or that they have no choice other than to punish people who repeatedly fail phishing simulations. Are they right? Before we answer that, let’s...
In the absence of a secure culture, reducing cyber risk could be impossible
Reading Time: 3 minutes To understand why it might be impossible to reduce human cyber risk without a secure culture, it’s worth considering a series of experiments from the world of behavioural science.The experiments weren’t designed to uncover security insights. Rather, they were designed to demonstrate quirks in human behaviour. Specifically, they were designed to reveal why people sometimes “cheat”.
You are almost certainly miscalculating your cyber risk
Reading Time: 2 minutes Although it might not seem like it, people’s actions following 9/11 demonstrate just how likely it is you’re miscalculating your cyber risk.Following the terrorist attacks of 9/11, people began to change their travel plans.
Some people love to take a risk. So shouldn’t we be tailoring security awareness training?
Reading Time: 2 minutes As you may already be aware, most people prefer to avoid taking risks. In fact, most people prefer to avoid taking risks so much that they fail to do so even when taking the risk makes complete and total sense.
Phishing Training: an intelligent approach
Broadly speaking, most phishing training works in more or less the same way. An automated tool sends simulated phishing and spear phishing simulations to those within your organisation. The simulations fool some, but not others. The tests reveal precisely who has been...
Some simulated attacks help reduce cyber risk. Others are redundant. What’s the difference?
Reading Time: 2 minutes Here’s an interesting conundrum for cyber security professionals.Some simulated attacks reduce human cyber risk.Others, however, have no effect on risk – and may even have a negative impact.