Security News

October is Security Awareness Month, an exciting time as organizations around the world train people how to be cyber secure, both at work and at home. Security awareness goes by many other names, depending on the organization: security influence, culture, engagement, training, education, etc.

Huntress, the managed security platform for SMBs, has acquired Curricula, a story-based security awareness training platform that empowers employees to better defend themselves against hackers. In addition to its core platform, Curricula offers a number of additional features to help businesses build a positively focused security culture - including a gamified phishing simulator, story-based training episodes, custom content creation tools, compliance reporting, and more.

It's important that your current security awareness efforts are appropriate for how your employees work today, not how they worked two years ago. The strongest security cultures are those where each employee fully understands that they are on the front lines.

In this Help Net Security interview, Tal Steinherz, CTO at Wib, talks about the importance of API security awareness and how to tackle numerous thretas that are plaguing it. API security is widely being considered, yet breaches continue to plague many organizations.

Cyber security professionals are continuously thinking about how to prevent cyber security breaches from happening, with employees and contractors often proving to be the most significant risk factor for causing cyber security incidents. Proactive cyber security professionals will find that an effective security awareness training program can significantly reduce their risk of getting exposed to a cyber incident.

Even with more businesses rolling out staff security awareness training programs to combat evolving cyber threats, over 90% of data breaches still stem from human error. Training courses are wrongly seen as a silver bullet - Regular training is vital for helping employees strengthen their security behaviour, but computer-based courses are just one tool for tackling human cyber risk.

Arctic Wolf launched Arctic Wolf Managed Security Awareness, a radical new approach to security and awareness training that helps organizations build cyber resilience against social engineering, phishing attacks, and credential theft. Arctic Wolf is the first managed detection and response vendor to offer a comprehensive, fully managed, security awareness solution natively from its security operations-focused Arctic Wolf Platform.

Traditional employee risk mitigation efforts such as security awareness training and phishing simulations have a limited impact on improving employees' real-world cybersecurity practices, according to Elevate Security and Cyentia Institute. The report examined malware, phishing, email security and other real world attack data and found that while security training results in slightly lower phishing simulation click rates among users, it has no significant effect at the organizational level or in real-world attacks.

Making sure employees have a high level of knowledge around how to handle email securely at home or in the office is essential, but while the IT team may understand how important cybersecurity is, other employees may need to be convinced. Here's how to get employees invested in security awareness training in five simple steps, according to Mimecast.

In other words, the investment in most security awareness programs is window dressing - something that looks good but is a false front. Human actions account for 90% of all security incidents, so CISOs can quantifiably reduce their overall security incidents by upgrading the "Human firewall."