A skilled team of professionals and the right security technologies are undoubtedly important to securing your organization, but your first line of defense against cybercrime is always your employees.

CISOs and security leaders make a point to gather analytics and data to establish meaningful metrics for their organizations’ cybersecurity. Key performance indicators (KPIs), such as intrusion ...

As phishing and malware attacks become more prevalent and sophisticated, midsize and large businesses must rely on employees to protect their data. But employees are busy. And security to them is ...

Over 80% of security awareness professionals have a background in either information security or information technology, according to SANS's 2016 Security Awareness Report. Less than 15% have a ...

As threat actors continue to evolve, so does the tooling that protects a firm's environment. In addition to training, security advisories should be distributed on a regular basis, and security ...

Data security is one of those issues that "takes a village" to address—and HR professionals are part of that village. HR can play an important role in helping to ensure that employees have the ...

ThriveDX, the global firm focused on cybersecurity and digital skills training, is pleased to announce the launch of its new certificate program exclusively designed “for security awareness ...

Designing a behavioral change program requires an audit of existing security practices and where the sticking points are. Security awareness rarely leads to sustained behavior change on its own, ...

As such, end-users must be taught not only how to recognize social engineering and phishing threats, but also how to treat them, report them and ensure their colleagues aren’t falling foul to them.

As a person who primarily focuses on the human aspects of security and implementing security awareness programs, people are surprised when I am neither upset nor surprised when there is an inevitable ...

Earlier this month, Ira Winkler, who is a global security expert and industry thought leader, the former ISSA president, and someone I personally respect and enjoy listening at cybersecurity ...

When I read Bruce Schneier's recent blogbasically stating security awareness is a waste of resources, I perceived a general misconception about the fundamental concepts of security awareness that are ...