Security News

Arctic Wolf Managed Security Awareness prepares employees to neutralize attacks
2021-05-20 00:45

Arctic Wolf launched Arctic Wolf Managed Security Awareness, a radical new approach to security and awareness training that helps organizations build cyber resilience against social engineering, phishing attacks, and credential theft. Arctic Wolf is the first managed detection and response vendor to offer a comprehensive, fully managed, security awareness solution natively from its security operations-focused Arctic Wolf Platform.

Security awareness training doesn’t solve human risk
2021-05-12 03:00

Traditional employee risk mitigation efforts such as security awareness training and phishing simulations have a limited impact on improving employees' real-world cybersecurity practices, according to Elevate Security and Cyentia Institute. The report examined malware, phishing, email security and other real world attack data and found that while security training results in slightly lower phishing simulation click rates among users, it has no significant effect at the organizational level or in real-world attacks.

Five steps to get employees invested in security awareness training
2021-04-19 03:30

Making sure employees have a high level of knowledge around how to handle email securely at home or in the office is essential, but while the IT team may understand how important cybersecurity is, other employees may need to be convinced. Here's how to get employees invested in security awareness training in five simple steps, according to Mimecast.

DTEX InTERCEPT delivers advanced UAM and workforce behavioral awareness capabilities
2021-04-02 00:30

DTEX Systems announced enhancements to DTEX InTERCEPT for critical infrastructure entities - a workforce cybersecurity solution specifically created to address the user activity monitoring requirements of public and private oil and gas, electric, water, telecommunications and healthcare organizations with headquarters in the Five Eyes countries. According to a recent report by The National Counterintelligence and Security Center of the United States of America titled, Insider Threat Mitigation for U.S. critical infrastructure entities: Guidelines from an Intelligence Perspective, "Foreign adversaries are no longer simply targeting the U.S. government, as was often the case during the Cold War, but today are using their sophisticated intelligence capabilities against a much broader set of targets, including U.S. critical infrastructure and other private sector and academic entities. These U.S. industries and academic organizations are now squarely in the geopolitical battlespace."

Cybersecurity awareness is too often a part-time effort
2021-03-24 04:00

SANS announced the release of a report which analyzes the data of over 1,500 security awareness professionals from around the world to benchmark how organizations are managing human risk and provides data-driven action items to mature awareness programs. "Cybersecurity is no longer just about technology but people; managing human risk. Awareness programs enable security teams to do just that by not only guiding how people think about security but how they act, from the Board of Directors on down," said Lance Spitzner, SANS Security Awareness Director and co-author of the report.

Security awareness programs: The difference between window dressing and behavior change
2021-03-08 05:30

In other words, the investment in most security awareness programs is window dressing - something that looks good but is a false front. Human actions account for 90% of all security incidents, so CISOs can quantifiably reduce their overall security incidents by upgrading the "Human firewall."

Phishing awareness gone wrong: Facebook tries to seize websites set up for staff security training
2021-02-11 20:42

Security biz Proofpoint and its subsidiary Wombat Security Technologies have sued Facebook and its Instagram subsidiary to prevent the seizure of internet domain names used for security testing. It sets up domain names that incorporate trademarked terms, like Facebook and Instagram, or fragments of those terms that have similar looking domain names.

SecurityAdvisor raises $7.3M to support product development and drive market awareness
2021-02-04 00:00

The Company's patented platform integrates easily within existing security infrastructure to deliver targeted coaching that teaches employees how to identify and remediate cyberattacks while providing security teams with insights that help them better understand the human element of their organization's security posture. SecurityAdvisor's deep integrations with leading cybersecurity vendors, including CrowdStrike, provide visibility across the entire organization for security teams and quantifies security teams' ROI. SecurityAdvisor will use the capital to support product development and drive market awareness of its innovative offering amongst enterprise security leaders.

Changing Employee Security Behavior Takes More Than Simple Awareness
2020-11-26 14:00

Security awareness rarely leads to sustained behavior change on its own, according to a recent analysis - meaning that organizations need to proactively develop a robust "Human-centered" security program to reduce the number of security incidents associated with poor security behavior. According to the Information Security Forum, the information security industry is playing catch-up when it comes to positively influencing behavior - the proliferation of remote-working arrangements, exacerbated by the stress associated with the pandemic, has underlined the importance of strengthening the human elements of security.

IoT security: University creates new labels for devices to increase awareness for consumers
2020-10-14 15:48

TechRepublic's Karen Roby spoke with Lorrie Cranor, director and Bosch Distinguished Professor in security and privacy technologies of CyLab and the FORE Systems Professor of Computer Science and of Engineering and Public Policy at Carnegie Mellon University, about security in Internet of Things devices for Cybersecurity Awareness Month. Lorrie Cranor: One of the things we've observed is that there are a lot of concerns about the security and privacy of IoT devices.