Staff Education News, Articles and Updates

Skills in security: Fighting the shortage - closing the gap

The talent shortage is widening. But, Kate O'Flaherty asks, what specific skills is the industry lacking and how can it fill the gap?

Cyber security is an enabler of innovation

Ojas Rege argues that CISOs and CEOs who broaden their cyber-security messages beyond the need for defence can create organisations that embrace innovation and drive performance.

The phishing lifecycle - before, during and after an attack

Just as phishing has evolved, the way organisations detect and deflect these malicious messages must also change, looking at each distinct stages to a phishing attack - before, during and after.

How educational psychology can change the face of cyber-security training

Training that doesn't take into account the way humans learn and consume knowledge is never going to work.The way cyber-security is taught in workplaces is that it's usually anything but academic.

Insider threats: Suffering from the detective's curse

Recent research shows 41 per cent of UK respondents stating that they have complete trust in employees with privileged access. This isn't a good position to be in.

Free - Latest 'Cybersecurity for Dummies' book now available

The book "Cybersecurity for Dummies," is now available free electronically and in print. It is designed to give all employees a practical understanding of cyber-security basics.

Securing the supply chain: Why people are the key to managing risk

Organisations must begin efforts to secure the supply chain by first understanding their own position in it, and that of the multitude of "supply chains within supply chains" that may exist around them, managing that risk.

The curse of the ex-employee - A horror story

Some departing employees have no loyalties to their previous employer, so it is imperative that deprovisioning employees' corporate access on their last day is an absolute priority.

How to build a stronger culture of security

Organisations should create an environment where people feel comfortable discussing data security. If you can create a culture that values the importance of IT security, it can help minimise internal threats.

Understanding the threat of privilege identity theft

You'd think hackers will attempt social engineering exploits on your privileged users. In reality, it is more likely they will aim for a softer initial target. But once within the network, hackers will move onto their true target, the privileged user.

Data disaster! What are your IP priorities? Ensuring staff are equipped

It is vital to ensure that employees are aware of and educated about a company's implemented security policy, know the best practice means of transmission and storage of corporate data, and have the tools they need to do their jobs.

News feature: Simulated attack, lessons learned on all sides

Learning by doing. If you don't have - and practice - a breach recovery plan, then a simulation exercise can demonstrate why you should have one, identify your weak spots, and encourage you to take action to plug the holes.

Organisations must protect themselves and end-users from insider threat

Debbie Garside says simple end-user error is the biggest risk you face when it comes to data. But instead of end users facing the sack for making honest mistakes employers should be putting systems in place that protect them.

The steps you must take to keep malware right outside your organisation

Creating policies that prevent users from exposing the company to threats while maintaining business continuity takes the maximum amount of risk off the table says Sam Hutton.

End users plus social media can add up to a corporate data breach

People are the last line of defence in your organisation's security infrastructure, yet half the population are ignorant of ransomware, and many don't understand phishing, but trust that social media security is high says Colin McTrusty.

Preparing for the next big cyber-attack - it affects everyone

Rory Duncan advocates breaking down traditional silos within organisations, and creating a culture of openness as security affects everyone and if organisations tackle these challenges together, the benefits will be far greater.

Supporting staff to create a more cyber-security conscious workforce

Security tools are useful, but as Edewede Oriwoh explains, we also need to support our staff within an overall cyber-security strategy where employees are engaged and involved and come to own some of the security processes.