Rewind
All the content from last year’s PeepSec, Impact and flagship industry events
Who cares about cybersecurity awareness month?
We asked a thousand users. Here’s what they said… 1/4 of respondents are aware of Cybersecurity Awareness Month 60% of the people who do not participate in CAM think their organization sees cybersecurity as unimportant 80% of participants are concerned with personal...
Cybersecurity Awareness Month participants show 50% higher trust in employer’s security stance
A quarter of respondents are aware of the existence of Cybersecurity Awareness Month (CAM) Of those who participate in CAM, 93% believe their organization sees cybersecurity as an important issue, compared to just 60% of those who don’t participate CAM participants...
Free Cybersecurity Awareness Month Planning Tool
Free Cybersecurity Awareness Month Planning Tool Cybersecurity Awareness Month 2024 (CAM2024) is around the corner… FREE SECURITY AWARENESS PLANNING TOOLDownload our planning tool We’ve released our FREE Security Awareness Planning Tool. Use it to map activities to...
On demand webinar: Maturing SA&T programs into human risk management strategies
ON DEMAND WEBINARMaturing SA&T programs into human risk management strategies.Taking control of your security with HRM.2005 called. They want their security awareness & training (SA&T) program back. Traditional SA&T programs often focus on...
IMPACT 2024: The findings
WHITEPAPERIMPACT 2024: The findings A showreel of fresh insight from IMPACT 2024 Hosted by CybSafe, IMPACT is the free, annual event that shines a spotlight on the latest research into human factors and cybersecurity. Imagine a room (or two) full of the world's...
Demonstrating security awareness value to senior stakeholders
Getting management buy-in by telling “data stories” and articulating outcomes You’re here because you want to reduce human cyber risk. When you started out in this industry, you probably expected something like: reduce risk, enjoy success and glory. By now you know...
On demand webinar: Human risk factors in cybersecurity
ON DEMAND WEBINARHuman risk factors in cybersecurity Understanding people, to reduce people-related security risks Lots of things make people more or less susceptible to cyberattacks. Cybersecurity practitioners work hard to influence those things to bring down...
Critical success factors for security education, training and awareness (SETA) programme effectiveness: an empirical comparison of practitioner perspectives
Cyber security has never been more important than it is today in an ever more connected and pervasive digital world. However, frequently reported shortages of suitably skilled and trained information system (IS)/cyber security professionals elevate the importance of...
Human factors in remote work: examining cyber hygiene practices
The purpose of this paper is to investigate the cyber hygiene practices of remote workers. This paper used two instruments: first, the Cyber Hygiene Inventory scale, which measures users’ information and computer security behaviors; second, the Recsem Inventory,...
On demand webinar: Demonstrating security awareness value to senior stakeholders
ON DEMAND WEBINARDemonstrating security awareness value to senior stakeholders.An expert walk-through of turning basic metrics into senior buy-in.Are you fed up with throwing basic metrics (training completion rates, simulated phishing clicks) at your leadership team...
Forrester pronounces security awareness official. Now what?
Human risk management is…official!Reflections on Forrester’s Human Risk Management Solutions Landscape, Q1 2024Not another cybersecurity report!How we think about HRM matters (a lot).We’ve set the scene. Time to dig into the report.What makes CybSafe’s approach to HRM...
Banking on trust: How consumer banking behavior is swayed by security
Banking on trust: how consumer banking behavior is swayed by security. Cybersecurity posture influences bank choice for 1 in 5 consumers. Security. Loyalty. Persuading internal stakeholders to invest in cybersecurity can be mildly rage inducing. But it’s more than...
23% of people consider cybersecurity posture when choosing a bank, as customer expectations move beyond compliance
With 90% of data breaches expected to include the human element in 2024, consumers are holding banks responsible for their Human Risk Management. Boston, London, 4th April 2024—Almost a quarter (23%) of US and UK consumers have said that a bank’s approach to...
Leveraging situational judgment tests to measure behavioral information security
Situational Judgement Tests (SJTs) are a multidimensional measurement method commonly used in the context of employment decisions and widely researched in the field of industrial and organizational (I-O) psychology. However, the use of SJTs in the field of information...
Measuring technical and human factors of a large-scale phishing campaign
In an era dominated by digital interactions, phishing campaigns have evolved to exploit not just technological vulnerabilities but also human traits. This study takes an unprecedented deep dive into large-scale phishing campaigns aimed at Meta’s users, offering a dual...
Information security Awareness: identifying gaps in current measurement tools
This paper describes the key role of information security awareness (ISA) in organizational attempts to comply with their information security policies and mandated frameworks and regulations. The design, implementation, and evaluation of Security Education Training,...
Information security culture: A look ahead at measurement methods
The information security culture field is a complex research area that does not currently have a standardized term, definition, and measurement process for organizations of various sizes, industries, and locations. While information security culture is still a...
Measuring the security culture in organizations: a systematic overview of existing tools
There has been an increase in research into the security culture in organizations in recent years. This growing interest has been accompanied by the development of tools to measure the level of security culture in order to identify potential threats and formulate...
A systematic review of scales for measuring information security culture
Purpose – The concept of information security culture, which recently gained increased attention, aims to comprehensively grasp socio-cultural mechanisms that have an impact on organizational security. Different measurement instruments have been developed to measure...
The human factor in phishing: collecting and analyzing user behavior when reading emails
Phishing emails are constantly increasing their sophistication, and typical countermeasures struggle at addressing them. Attackers target our cognitive vulnerabilities with a varied set of techniques, and each of us, not trained enough or simply in the wrong moment,...
Exploring the evidence for email phishing training: A scoping review
Background: Phishing emails are a pervasive threat to the security of confidential information. To mitigate this risk, a range of training measures have been developed to target the human factors involved in phishing email susceptibility. Despite the widespread use of...