Security awareness

Should repeat offenders be sent to maximum security?

July 29, 2019 // By: Lisa Plaggemier

If you listen regularly to the repeat offender buzz, eventually you’ll hear from those who believe disciplinary actions are the best response. In my current role working for a security education provider, I’m in frequent contact with a remarkable community of peers from other companies. We all agree on the best thing to do with repeat offenders: help them.

Cybersecurity Weekly: Ransomware denial, addressing the gender skills gap, audio deepfakes

September 9, 2019 // By: Sam Fay

A Massachusetts city declines a $5.3 million ransomware demand, opting to restore from backup instead. An Irish staffing company works to close the cybersecurity skills gap for migrant women. The first known case of successful financial scamming via audio deepfakes. All this, and more, in this week’s edition of Cybersecurity Weekly.

Security Awareness: A Core Competency for K-12 Students

October 3, 2018 // By: Megan Sawle

Today’s youth spend more time than ever before online. Like learning to lock the front door behind you, security awareness training at an early age helps transform a behavioral concept into a habit. Our FREE K-12 awareness training series includes three fun security awareness training modules, with a fourth on the way to encourage the next generation to consider career paths in cybersecurity.

Cybersecurity Weekly: Model response to cyber attack, Ecuador data leak, whistleblower phishing site

September 20, 2019 // By: Sam Fay

Arizona schools demonstrate the model response to a malware attack. A marketing analytics company leaks deep profiles of the entire Ecuador population. A new phishing attack targets the whistleblower submission site for The Guardian. All this, and more, in this week’s edition of Cybersecurity Weekly.

Securing the Global Killswitch: 5 Ways to Protect Critical Infrastructure From Attack

October 24, 2018 // By: Megan Sawle

As we wrap up the last week of Cyber Security Awareness Month, we turn our focus to protecting our nation’s critical infrastructure. Today’s grid is both the backbone of our nation’s economy and its Achilles’ heel. Attacks like Crash Override and Stuxnet have prompted new discussions and initiatives around the globe to address vulnerabilities in our increasingly interconnected world.

If your employees aren’t learning from your security training, are you really teaching?

May 3, 2019 // By: Tyler Schultz

Delivering the information your employees need to stay cybersecure doesn’t guarantee they will retain the knowledge or adopt good security habits. If your employees aren’t learning, how can you improve your teaching? What can you do to engage employees, inspire them to change their behavior and, ultimately, keep your organization secure?

Security Awareness: Are you prepared for the coming year?

October 31, 2018 // By: Jeff Peters

Today is the final day of National Cyber Security Awareness Month, and we here at InfoSec Institute have loved seeing the community come together to spread security awareness. However, an effective security awareness program needs more than just one month worth of effort. As we transition into the rest of the year, it’s important to keep the security awareness momentum going.

Cybersecurity Weekly: Worm eradication, Instagram hack demonstration, massive iPhone hack

September 4, 2019 // By: Sam Fay

French police remove the Retadup worm from 850,000 PCs with the help of Avast. A white hat hacker demonstrated how to hack over one million Instagram accounts. A slew of security incidents and breaches, including Foxit PDF reader, DDS Safe and Apple’s iPhone. All this, and more, in this week’s edition of Cybersecurity Weekly.

Metropolitan School District of Wayne Township Combats Ransomware with SecurityIQ

July 17, 2018 // By: Kristin Zurovitch

Infosec, the leading provider of IT security education and workforce security awareness training solutions, announced the Metropolitan School District (MSD) of Wayne Township, Indiana selected Infosec IQ for district-wide security awareness education. Pairing Infosec IQ with the district’s personalized learning techniques and an internally-developed network of trained...

Lessons from Masters of Persuasion: Customization is Key

March 6, 2019 // By: Megan Sawle

As security awareness practitioners, we need to be better than criminals at influencing our employees’ behavior. Just like digital marketing, customization is key. This means tailoring your training and awareness program by employee role, responsibility and access to boost program effectiveness.

5 Best Practices to Harden Your Human Firewall

November 7, 2018 // By: Tyler Schultz

When building your human firewall through security awareness training, incremental gains are important. Following a few best practices can help you stack your incremental gains and strengthen your human firewall. We were delighted to speak with Forrester senior analyst Nick Hayes about best practices to harden your human firewall.

7 Research-Backed Tips to Improve Your Security Awareness Training

December 7, 2018 // By: Tyler Schultz

We love talking to clients and security practitioners about what’s working at the ground level of their security awareness programs. However, sometimes it’s helpful to take a step back and look at the security awareness space from a research data perspective. We spoke with Michael Osterman from Osterman Research to dig into 7 research-backed tips to improve your security awareness training.

Cybersecurity Weekly: Adolescent hacking study, DoorDash breach, Outlook file extension blacklist

September 27, 2019 // By: Sam Fay

A study decodes how kids get into hacking. DoorDash loses personal records of 5 million clients and drivers. Outlook plans to add 38 more file extensions to its blacklist. All this, and more, in this week’s edition of Cybersecurity Weekly.

Videos & Best Practices to Build a Security Champions Program

July 25, 2018 // By: Kristin Zurovitch

Phishing, ransomware and social engineering attacks are rising rapidly. As they continue to get more sophisticated, we also see they no longer discriminate. Regardless of size or industry, every organization is now vulnerable to cyber threats, making organization-wide security awareness training the key to resiliency.

Celebrate Cyber Security Awareness Month With FREE Training Resources

September 27, 2018 // By: Megan Sawle

If you’re like most cybersecurity pros we know, the security awareness training manager hat is just one of many hanging in your server room. While you’ve been busy patching vulnerabilities and monitoring your networks, we’ve built out a series of free resources to help you kick off Cybersecurity Awareness Month like you’ve been planning for it all year.

5 Steps to Building a Cyber-Aware Staff

October 10, 2018 // By: Tyler Schultz

Preventing cybersecurity attacks at your organization takes more than technical efforts. It requires a cyber-aware staff and a culture of security awareness to keep your organization safe. The biggest question is: How can you build a cyber-aware staff?

Celebrate Data Privacy Day by Sharing These Free Resources!

January 28, 2019 // By: Jeff Peters

Data privacy tends to be viewed through a negative lens — massive data breaches, fines from government watchdogs and stories of lost customers. But when done right, it can become a story of empowering people and organizations to respect privacy, safeguard data and enable trust. We want to keep that positive message going all year long with these free, shareable resources.

Cybersecurity Weekly: Phishing attack sniffed out, facial recognition ban, more ransomware

September 13, 2019 // By: Sam Fay

Philadelphia law firms fend off phishing attacks involving fake clients. California follows San Francisco by passing a statewide bill to ban police use of facial recognition. Ransomware cripples multiple organizations, including Rockford, IL, public schools and Entercom Communications. All this, and more, in this week’s edition of Cybersecurity Weekly.

7 myths about election security — debunked

September 18, 2019 // By: Tyler Schultz

It takes everyone involved in the voting process to watch for suspicious activity and adhere to cybersecurity best practices to prevent interference in the upcoming elections. In this post, we debunk seven common myths about election security and provide actionable tips to pass along to poll workers and volunteers.

How to build security awareness & training to NIST standards

June 10, 2019 // By: Tyler Schultz

Review NIST’s cybersecurity training resources and guidelines and explore how you can use Infosec IQ to not only follow NIST recommendations, but also prepare your workforce for the cybersecurity threats they face.

The ROI of security awareness training

September 17, 2019 // By: Tyler Schultz

With many organizations facing understaffed IT and security departments with limited time and budget, it’s smart to ask, “Do the benefits of security awareness training outweigh the costs?” In this post, we show you how to calculate the ROI of security awareness training at your organization.

Cybersecurity Weekly: Kaspersky busts hacker group, German police raid dark web bunker, Baltimore had no backups before ransomware attack

October 7, 2019 // By: Sam Fay

Kaspersky busts a hacking group using their own AV. German police raid a dark web bunker, shutting down more than 200 servers. The city of Baltimore reports that it had no backups when it was hit with ransomware back in May 2019. All this, and more, in this week’s edition of Cybersecurity Weekly.

National Cybersecurity Awareness Month made easy

August 27, 2019 // By: Tyler Schultz

National Cybersecurity Awareness Month is here! Use our NCSAM Toolkit including themed posters, infographics and articles to make this October the best National Cybersecurity Awareness Month yet. Our resources are relatable, conversation and (dare I say) fun!