ABC+

Articles on security awareness, behaviour and culture.

 

Post-pandemic, CISOs are overlooking an important cyber defence

Post-pandemic, CISOs are overlooking an important cyber defence

Following COVID, no CybSafe employee will be bound to a physical office. Instead, CybSafe will be joining the growing list of organisations “working from anywhere”. Not temporarily. Permanently. And not “working from home”. Working from anywhere. Questions about office hours and moving overseas quickly begin. They showcase people’s excitement. But they also highlight an interesting point – For months now, most security professionals have been desperate to “secure remote workers”. 

read more
We thought we needed to secure remote workers. We were wrong.

We thought we needed to secure remote workers. We were wrong.

Following COVID, no CybSafe employee will be bound to a physical office. Instead, CybSafe will be joining the growing list of organisations “working from anywhere”. Not temporarily. Permanently. And not “working from home”. Working from anywhere. Questions about office hours and moving overseas quickly begin. They showcase people’s excitement. But they also highlight an interesting point – For months now, most security professionals have been desperate to “secure remote workers”. 

read more
How to make sure remote workers learn security skills from others – Part 2

How to make sure remote workers learn security skills from others – Part 2

As we discussed in part one of this post, isolation restricts remote worker security. (Read part one here before continuing.) Remote workers can’t watch others. They rarely receive verbal feedback. And even if they did, remote workers tend to feel their environment prevents security – which limits their learning. That’s all proven to cap remote worker security. So what can you do about it?

read more
In the absence of a secure culture, reducing cyber risk could be impossible

In the absence of a secure culture, reducing cyber risk could be impossible

To understand why it might be impossible to reduce human cyber risk without a secure culture, it’s worth considering a series of experiments from the world of behavioural science.The experiments weren’t designed to uncover security insights. Rather, they were designed to demonstrate quirks in human behaviour. Specifically, they were designed to reveal why people sometimes “cheat”.

read more
Phishing Training: an intelligent approach

Phishing Training: an intelligent approach

Broadly speaking, most phishing training works in more or less the same way. An automated tool sends simulated phishing and spear phishing simulations to those within your organisation. The simulations fool some, but not others. The tests reveal precisely who has been...

read more
The two most common phishing scams that affect UK businesses

The two most common phishing scams that affect UK businesses

Phishing scams evolve constantly. Don’t they?

On the one hand, yes. Sophisticated cyber criminals are very much aware that, once a phishing scam becomes well known, its potency falls. So, over time, phishing scams adapt and evolve.

On the other hand, the the nuts and bolts of phishing scams are surprisingly static. On the whole, phishing attacks are quick, cheap and disastrously effective. Knowing this, criminals rarely tweak the inner workings of their phishing scams all that much.

read more