A skilled team of professionals and the right security technologies are undoubtedly important to securing your organization, but your first line of defense against cybercrime is always your employees.

CISOs and security leaders make a point to gather analytics and data to establish meaningful metrics for their organizations’ cybersecurity. Key performance indicators (KPIs), such as intrusion ...

As phishing and malware attacks become more prevalent and sophisticated, midsize and large businesses must rely on employees to protect their data. But employees are busy. And security to them is ...

As threat actors continue to evolve, so does the tooling that protects a firm's environment. In addition to training, security advisories should be distributed on a regular basis, and security ...

Data security is one of those issues that "takes a village" to address—and HR professionals are part of that village. HR can play an important role in helping to ensure that employees have the ...

ThriveDX, the global firm focused on cybersecurity and digital skills training, is pleased to announce the launch of its new certificate program exclusively designed “for security awareness ...

Designing a behavioral change program requires an audit of existing security practices and where the sticking points are. Security awareness rarely leads to sustained behavior change on its own, ...

As such, end-users must be taught not only how to recognize social engineering and phishing threats, but also how to treat them, report them and ensure their colleagues aren’t falling foul to them.

Most successful cyberattacks target end users through social engineering. They also exploit systems left vulnerable due to user errors. This is why securing the human element is crucial to managing ...

Earlier this month, Ira Winkler, who is a global security expert and industry thought leader, the former ISSA president, and someone I personally respect and enjoy listening at cybersecurity ...

As a person who primarily focuses on the human aspects of security and implementing security awareness programs, people are surprised when I am neither upset nor surprised when there is an inevitable ...

When I read Bruce Schneier's recent blogbasically stating security awareness is a waste of resources, I perceived a general misconception about the fundamental concepts of security awareness that are ...