Research Library

The persistently changing landscape of cyberspace and cybersecurity has led to a call for organizations’ increased attention toward securing information and systems. Rapid change in the cyber environment puts it on a scale unlike any other performance environment...

This paper proposes a multi-layered approach to defending your organisation against phishing attacks, condensed into four layers. At each layer, the authors recommend tactical interventions to help organisations achieve this multi-layered security.  

One of the most difficult challenges in information security today is phishing. Phishing is a difficult problem to address because there are many permutations, messages, and value propositions that can be sent to targets. Spear phishing is also associated with social...

Creative security engagements can take many forms and can be configured in different ways but they follow a similar pattern of actions: Frame, Identity, Process, Narrate. The process is not a linear, step-by-step process but an iterative one where the Facilitator of a...

This report summarises key findings from ‘The Global State of Information Security Survey 2018’, which surveyed 9,500 global C-suite executives and directors about their organisation’s security practises. The report identifies and expands on nine data privacy and...

What the Internet of Things means for consumer privacy discusses the findings of an Economist Intelligence Unit (EIU) research programme, sponsored by ForgeRock, that explores the privacy concerns and priorities of global consumers stemming from the Internet of Things...

Creative security engagement is an approach that helps participants to draw out the details of day-to-day security practices. As a result, such engagement methods are not only able to sketch out issues related to IT infrastructure and its use but also the everyday...

Sharing experiences about digital practices and about digital security in particular is an important means of learning and sharing security practices. These stories are also important because they bring out the difficulties and inconsistencies people face in...

This report is designed to educate and inform organisations on the cyber threat landscape. It explores what to consider when disaster strikes and explains the importance of people and partnerships.     Read full paper    ...

A great deal of research has been devoted to the exploration and categorization of threats posed from malicious attacks from current employees who are disgruntled with the organisation, or are motivated by financial gain. These so-called “insider threats” pose a...