Security Awareness Training Blog

Keeping You Informed. Keeping You Aware.

Microsoft Wakes Up To The Fact That Cyber Security Risk Is A Business Risk [VIDEO]

The 800-pound Redmond Gorilla asks: "Should your security focus be on systems or people?"

They wrote: "In the latest Modern Workplace episode, “Cyber Intelligence—The Human Element,” we look at how organizations not only need to look at their systems but also have to address the security threats that stem from the behavior of their own employees, who oftentimes are the source of cyber-attacks.

Survey of 2600 IT Pros: "Password Procedures Still Are A Cyber Security Fail"


After the NIST passwords bombshell, we surveyed 2,600 IT professionals to find out how they were managing passwords. The answers show that IT pros are generally receptive to the passphrase concept proposed by NIST.

NIST Special Publication 800-63B, “Digital Identity Guidelines,” states: “Many attacks associated with the use of passwords are not affected by password complexity and length. Keystroke logging, phishing, and social engineering attacks are equally effective on lengthy, complex passwords as simple ones. This means that password complexity has failed in practice.” Verizon's latest Data Breach Report showed that 81% of hacking-related breaches used stolen and/or weak passwords, supporting the NIST conclusion.

The Cyber Security Of Our Electricity Grid

Guest blogger Craig Reeds commented on the safety of our electricity grid.

"Over the last couple of years, there has been a lot of discussion about the security of the electric grid. We hear stories about the power grid attack in the Ukraine and other possible dangers.

Here in the United States, things are not as insecure as they are in Europe. This is because we have the NERC CIP (North American Electric Reliability Corporation Critical Infrastructure Protection) plan, which is a set of requirements designed to secure the assets required for operating North America's bulk electric system, or Power Grid.

Tripwire Black Hat Survey: "68% of Pros Felt Cyber Security Lacking After WannaCry & Petya Attacks"


Over two-thirds of infosec pros asked at Black Hat whether they felt their organizations had made the necessary cyber security improvements since the WannaCry and Petya attacks earlier this year answered in the negative, according to new research by Tripwire.
