It is vital to ensure that employees are aware of and educated about a company's implemented security policy, know the best practice means of transmission and storage of corporate data, and have the tools they need to do their jobs.
Learning by doing. If you don't have - and practice - a breach recovery plan, then a simulation exercise can demonstrate why you should have one, identify your weak spots, and encourage you to take action to plug the holes.
More than two thirds of companies struggle to recruit the staff necessary to defend themselves; the Center for Cyber Safety and Education suggests a workforce gap of 1.8 million by 2022. What can be done asks Jay Coley.
Departing employees is an issue not often considered as potentially affecting a company's cyber-security. However, an employee can potentially eave while maliciously keeping sensitive data including passwords, key codes, etc.
Latest round of cyber-attacks underscore the need for regular security awareness training says Eldon Sprickerhoff.
People are the last line of defence in your organisation's security infrastructure, yet half the population are ignorant of ransomware, and many don't understand phishing, but trust that social media security is high says Colin McTrusty.
Security tools are useful, but as Edewede Oriwoh explains, we also need to support our staff within an overall cyber-security strategy where employees are engaged and involved and come to own some of the security processes.
Is security awareness training producing overconfident employees that are more of a threat than untrained ones? Davey Winder investigates...
"Do you have any insect repellent? I've been told my computer has a bug."
Haymarket and SC Magazine launch SC Jobs - a new job site dedicated to information security professionals.
Sky's CISO and head of content protection, Philip Davies, explains why Sky's data governance strategy is focused on clear lines of communication throughout the organisation.