Latest cyber security news, views and insights

Measuring Cyber Security Culture

Reading Time: 1 minute This whitepaper reveals how today’s security teams can build a secure culture. Following characteristically thorough research, lead author Dr. John Blythe explains why secure cultures are few and far between and how to build a secure culture in your organisation.

read more

Behaviour Change whitepaper

Reading Time: 1 minute In this whitepaper, we outline the CybSafe approach to applying behavioural science, how it’s embedded in everything we do and how our products drive behaviour change in employees.

read more

People-centric security e-book

Reading Time: 1 minute Is it time to reconsider traditional approaches to cyber security? For a long time now, people have largely been viewed as a cyber security “weakness”, and the viewpoint has shaped the majority of the cyber security strategies we see today. The strategies focus on restrictive measures. They focus single-mindedly on minimising the risks that people pose. Crucially, they do not consider how people can actively prevent cyber attacks, and therefore fail to capitalise on a valuable cyber defence. People-centric security flips the conventional thinking on its head.

read more

In the absence of a secure culture, reducing cyber risk could be impossible

Reading Time: 3 minutes To understand why it might be impossible to reduce human cyber risk without a secure culture, it’s worth considering a series of experiments from the world of behavioural science.The experiments weren’t designed to uncover security insights. Rather, they were designed to demonstrate quirks in human behaviour. Specifically, they were designed to reveal why people sometimes “cheat”.

read more

Phishing Training: an intelligent approach

Broadly speaking, most phishing training works in more or less the same way. An automated tool sends simulated phishing and spear phishing simulations to those within your organisation. The simulations fool some, but not others. The tests reveal precisely who has been...

read more

The two most common phishing scams that affect UK businesses

Reading Time: 3 minutes Phishing scams evolve constantly. Don’t they?

On the one hand, yes. Sophisticated cyber criminals are very much aware that, once a phishing scam becomes well known, its potency falls. So, over time, phishing scams adapt and evolve.

On the other hand, the the nuts and bolts of phishing scams are surprisingly static. On the whole, phishing attacks are quick, cheap and disastrously effective. Knowing this, criminals rarely tweak the inner workings of their phishing scams all that much.

read more

How can phishing affect a business?

Reading Time: 3 minutes The consequences of phishing can be severe…

It’s widely reported, for example, that tech giants including Facebook and Google sent as much as $100m directly to criminals following a spear phishing campaign that went on for more than two years.

read more

Why Phishing Training Is Important

Reading Time: 2 minutes In 2017, an email prankster targeted the White House.

The prankster’s goal was simple: to trick White House staff into responding to fraudulent emails for nothing more than a cheap thrill. With little to gain from the endeavour, the prankster’s efforts were basic.

The trickster wrote a simple email purporting to be from Donald Trump’s son-in-law, Jared Kushner. He sent it off to Tom Bossert (at the time Homeland Security Advisor). And he waited to see if the security advisor would respond.

read more