Collaborate Disseminate
One of my favorite parts of my job as a CSO is building security awareness amongst my colleagues. I really believe that the time put…
The post Security awareness materials you can use – “Why we fall for cons” appeared first on Security Boulevard.
Continue reading Security awareness materials you can use – “Why we fall for cons”
Just what constitutes a cyber attack? That’s the question facing a court in a case brought against insurer AIG. One of the firm’s clients was…
The post Is Business Email Compromise a “cyber attack?” appeared first on Security Boulevard.
Continue reading Is Business Email Compromise a “cyber attack?”
We are thinking about giving an awareness live demonstration in the company I work for. The general idea is to show the users how can they be hacked while connected to a public wifi spot such as a coffe, conference, etc.
We h… Continue reading Hacking demonstration
With the arrival of the month of April, the United States is heavily into tax season now. And with only days remaining until the April 15 deadline to file, tax-related scams are also pervasive this time of year. Email security firm Proofpoint notes in… Continue reading Security Awareness: 4 Tax Scams Making the Rounds Now
Our company is implementing a BYOD policy. I am working with management to draft end user training guidelines / standards as senior member of the Information Security team. Our company is in a regulated industry and works rou… Continue reading How should security user training be provided when implementing a company BYOD strategy?
The idea is that when a user logs in PC (Windows 10) he should be forced to complete a quiz before he could start work.
These are company owned laptops.
The quiz will be few questions short, shown periodically with differe… Continue reading How to force employees to complete security awareness quiz? [on hold]
I work in the Information Security team at my workplace. We work in the insurance and healthcare industry and work frequently with customer credit card, financial, and private health data.
Today I was meeting with security m… Continue reading Should corporate security training be tailored based on a users’ job role?
We talk a lot about phishing, vishing, smishing, and impersonation here at SECOM, and there is a good reason for that. Those are the primary services we provide as a company for our clients. Not all clients use all of our services, and some companies d… Continue reading Assess Your Risks
At SECOM, we perform many forms of social engineering attacks, from phishing to vishing and smishing as well as impersonation. All of these attacks are used regularly by actual attackers and should be tested as part of a robust security assessment in e… Continue reading In 2019, Test Impersonation Attacks
Pretext
I’m not a security expert, just a web dev with an interest in “security”.
I’ve been tasked by my employer with giving an internal talk on security (specifically web application security) and why it is important for S… Continue reading Why should small and medium-sized businesses care about security?