The Identity Theft Resource Center, a nationally recognized nonprofit organization established to support victims of identity crime, has published new research that shows nearly 30% of people who contact the ITRC are victims of more than one identity crime.
The U.K. Cyber Security Council is a new self-regulatory body for the profession. It is tasked by the U.K. government to execute its vision for the U.K. to be one of the safest places to work and do business online, says the chair of the council’s board of trustees, Dr. Claudia Natanson.
The day-to-day pressures of being a CISO are enormous and extend to matters far beyond those of incident response time. Meanwhile, traditional approaches to training cybersecurity team members have either been limited by scalability, lack of hands-on learning, or cost.
So, how much can Simulation-based Cybersecurity...
In theory, organizations are best protected by a layered security approach to cybersecurity based on best-in-class security tools.
In reality, the desired outcome is rarely achieved.
Why? Because most teams are not fully trained to use the technology on which their security program is built.
How can the security and HR organizations partner to foster a better, enterprisewide culture of security? This is what Steve Luczynski and Valerie Utsey did in previous roles, and they share insights from their presentation on the topic at RSA Conference 2021.
'Mega breaches' might sound dystopian, but they're becoming an all too familiar feature of the modern cyber crisis. Yet organizations are still relying on traditional techniques to prepare and exercise their workforces' cyber crisis response. Enter micro-drilling: the modern alternative to tabletop exercising.
Cybersecurity training: from dry-as-dust videos to cutesy animations of hapless office workers to streams of green code on a black screen. The variety out there is staggering, and it’s hard to know where to start – or what's really going to work.
Luckily, the most effective forms of training – for all teams,...
Multi-Factor Authentication (MFA) can be a highly effective way to safeguard your organization’s data, but that doesn’t mean it’s unhackable. And nobody knows that better than award-winning author and Data-Driven Defense Evangelist at KnowBe4, Roger Grimes. While researching his most recent book Hacking...
Small businesses have been disproportionately affected by hackers in recent months. To aid in countering the threat, Mastercard has launched a cybersecurity education effort targeting this market segment. Paul Trueman, a senior vice president Mastercard, explains the “Trust Center” initiative.
What really makes a "strong" password? And why are your end-users tortured with them in the first place? How do hackers crack your passwords with ease? And what can/should you do about your authentication methods?
For decades, end-users have borne the brunt of the password tyranny, a result of the IT industries'...
Dave Snyder of Independence Blue Cross in Philadelphia has been in security leadership long enough to know: It's not about whether you have a technology foundation or lean more toward leadership. It's about having both, and about being a security evangelist, too.
Training employees to resist phishing emails is key to preventing compromises. But an exercise run by Tribune Publishing Co. created a searing backlash after its phishing exercise tempted employees with bogus bonuses in a year in which they had already endured financial hardships.
Recent hacking incidents, including one targeting Twitter, are raising awareness of the importance of privileged access management, says David Boda, group head of information security for Camelot Group, operator of the U.K. National Lottery. He describes PAM best practices.