Rewind
All the content from last year’s PeepSec, Impact and flagship industry events
CybSafe launches SebDB 2.0 to help organizations measure and change security behaviors
SebDB maps 70 specific security behaviors linked to security risk to help professionals change behavior and reduce risk October 25, 2022 06:00 AM Eastern Daylight Time– CybSafe, the behavioral risk platform helping organizations change behavior to reduce security...
CybSafe’s new behavioural risk platform challenges the security awareness and training status quo
CybSafe, Canary Wharf, London & [insert US address] – 19th October 2022 - CybSafe, the behavioural risk platform, today announced the launch of new platform features. The platform continues to be built on the universal truth that access to technology is no longer...
Azure vulnerability. Director of BSI is out. Cyber skirmishing. The state of ransomware. CISA releases two ICS Advisories
CyberWire
Stealing your company’s data is a piece of cake
Would you like some data theft with your coffee? Last time, we explored auto-updates and why your people aren’t getting around to enabling them. This week’s topic is one that's just as easily overlooked.It goes like this. Your new marketing guy, Dave, is waiting for a...
We need to stop referring to humans as security “assets”
We were wrong. Humans are NOT “security assets”.First, the industry referred to people as the “weakest link” in cybersecurity. Because you know how those pesky things click on every link they’re sent. Then they became the “strongest asset” because the industry...
Security awareness is dead (or dying)
Security awareness is dead (or dying)The slow death of security awareness is happeningOver 90% of cyber security incidents are linked to people. So why are organizations only paying lip service to human cyber risk? Why are tick-box training and phishing simulations...
Your cyber security goals are worthless. There, we said it
Here’s the thing. Your cybersecurity goals are very noble. You know the risks you want to avoid, and that’s great. Except it could all count for nothing. If you’re a security awareness professional, don’t quit your job just yet. We want to get you on your way to...
On demand webinar: Using SebDB to reduce key business risks
FREE WEBINAR How to use SebDB to reduce your human risk A conversation with Dr. Jason NurseHow many security behaviors are you targeting? And which risks have you linked them to? Most security professionals set broad goals like “reduce malware infections”. But they...
Why are your people still snoozing updates?
Enabling auto-updates is more complicated than you think Last week, our CEO recommended a few ways to influence long-term security behaviors. This week, we’re jumping into auto-updates.“Change is the only constant.” That’s certainly true as far as IT is concerned....
10 ways to influence long-term security behaviors
Just because your security awareness training is ‘engaging’ doesn’t mean it works Creative, funny, and wildly engaging security awareness training doesn’t lead to lasting behavior change. What it does is make people say, “I really enjoyed your training and...
Behave 1.0
Security awareness doesn’t translate to behavior change. But measuring and influencing security behaviors does. And that’s the focus of CybSafe’s Behave Series.
A lesson on security behaviors
It’s time you learnt your lesson about security behaviors Assign all the traditional security awareness training you want. Your people will probably attend every session and tick all the right boxes, but their security behaviors won’t change. But that doesn’t mean...
On demand webinar: Influencing specific security behaviors: Real-world examples
FREE WEBINAR Influencing specific security behaviors: Real-world examples How the CybSafe platform can help you influence (and change) specific security behaviorsHow long have you been relying on traditional security awareness training to lower your human risk?...
It’s time to stop exposing yourself online
In last week’s Behave Series blog, we explored phishing simulations, and how to put them to work in your organization.This week, we’re staging an intervention. Because you've just got to stop revealing so much of yourself to Internet strangers. Oh, and, we’re talking...
A new approach to simulated phishing
A new approach to simulated phishingHow to run simulated phishing campaigns (the right way) and reduce your human cyber riskAnyone can be phished. Anyone. All it takes is the right email, sent at the right time, in the right situation. Yeah, that’s a lot of ‘rights’...
Goodbye, security awareness training!
It’s time to pull the plug on traditional security awareness training We know it’s hard to let go. But this is getting out of hand. Traditional security awareness training has been on its deathbed for so long now that our eyes water whenever we get a whiff of...
How to get phishing simulations right
As part of our Behave Series last week, we talked about multi-factor authentication (MFA), and how to encourage your people to adopt it.This week, we’re diving into phishing simulations. They’re particularly useful for finding and filling the security cracks in your...
On demand webinar: Security awareness is dead (or dying)
FREE WEBINAR Security awareness is dead (or dying) Reducing human cyber risk in your organizationOn demandSecurity awareness is dead. Or, at the very least, is dying. Think about it. You have a modern business. Or maybe you’re just trying to keep up with the...
Spotlight: Have you got the multi-factor?
Last week in our Behave Series blog we looked at passwords. This week we’re turning it up to 11. This week, we’re talking about multi-factor authentication (MFA). Multi-factor authentication. It’s the unsung hero of cybersecurity. It’s thwarted many a cybercriminal....
Spotlight: Creating a passphrase ruleset
This week we’re focusing on passwords. We know you’re no stranger to these, and neither are your workforce. But familiarity isn’t helpful here. In fact, it’s a criminal’s best friend. Everyone in your business will have at least three or four passwords in their...
Phishing webinar hot take: Insurance executives need to get it together
Look, anyone can be phished. Yes, even the executives in their fancy suits. But that’s not what we’re here to talk about. We’re here to talk about some of the reasons why phishing risk isn’t being properly managed. And yes, that means we’re calling out the higher ups...