Security Awareness Training Compliance and .GOV

Oct 17, 2020 9:55:32 AM By Stu Sjouwerman

A customer sent me the following observation which is something I have been trying to get across for the last 10 years: "I found this interesting – and potentially disconcerting. This ...

Chinese Antivirus Vendor Tied to Part of a Decade-Long Hacking Spree

Sep 24, 2020 11:04:01 AM By Stu Sjouwerman

Members of the hacking group “Apt41” were charged by the U.S. Department of Justice for hacking more than 100 victims globally with one of its members running AV vendor Anvisoft.

Joint Cybersecurity Advisory Outlines Approaches to Discovering and Remediating Attacks

Sep 18, 2020 7:00:00 AM By Stu Sjouwerman

This newly-released report is the result of a collaborative effort by cybersecurity authorities in Australia, Canada, New Zealand, the United Kingdom, and the United States.

Crowdstrike: "More Cyberattacks in the First Half of 2020 Than in All of 2019"

Sep 16, 2020 10:26:18 AM By Stu Sjouwerman

According to a recent study conducted by cybersecurity firm CrowdStrike, recent threat activity throughout its customers’ networks has shown more intrusion attempts within the first half ...

1 in 3 Employees Rarely or Never Think About Cybersecurity

Jul 29, 2020 11:36:24 AM By Stu Sjouwerman

Eye-opening data around the impact of human error demonstrates how simple user mistakes can compromise your organization’s cybersecurity posture.

[HEADS UP] Cyber Attack at University of York Steals Personal Information from Staff and Students

Jul 23, 2020 12:50:24 PM By Stu Sjouwerman

In a recent report by the York Press, University of York has launched an investigation after personal information of students and staff was obtained by the bad guys.

Don't Overlook Policy When Designing Security

Jul 23, 2020 8:30:53 AM By Stu Sjouwerman

There’s no single defense against phishing and other social engineering attacks, according to Kevin O’Brien, CEO and co-founder of email security company GreatHorn. On the CyberWire’s ...

60% of Organizations are Hit by Cyberattacks Spread by Their Own Employees

Jun 29, 2020 8:37:16 AM By Stu Sjouwerman

The unwitting participant appears to be alive and well, based on new data from security vendor Mimecast. With employees being the source of attack surface expansion, what’s an org to do?

Human Performance as a Risk Factor

Jun 1, 2020 8:25:33 AM By Stu Sjouwerman

Most organizations don’t place enough focus on the human elements of cybersecurity, according to Stephen A. Wilson, Dean Hamilton, and Scott Stallbaum from consulting firm Wilson Perumal ...

Nearly Every Organization is More Concerned about Cybersecurity Than Before COVID-19

May 20, 2020 4:36:21 PM By Stu Sjouwerman

New data from security vendor Tripwire highlights how the shift to remote working has changed the face of cybersecurity for both the current work climate and the future.

The Three Pillars of the Three Computer Security Pillars

May 18, 2020 8:31:59 AM By Roger Grimes

Much of the world, or at least the United States, is coalescing around the NIST Cybersecurity Framework. It’s a pretty good one to follow out of the many dozens that have been proposed ...

The Best and First Defenses You Should Implement

Apr 24, 2020 8:43:14 AM By Roger Grimes

Every good defense has three pillars of controls: policy, technical, and education. People are always asking what they should do for each to minimize cybersecurity events the most and ...

Removing Zoom Meeting ID's: Treating the Symptom, Not the Cause

Apr 10, 2020 8:43:49 AM By Javvad Malik

Zoom has been under a lot of scrutiny lately, and it's commendable that the vendor has been working through as many security issues as it has. With great growth and visibility comes great ...

[On-Demand Webinar] The Art of Invisibility: Important New Privacy Concerns for Your Quickly Evolving Remote Workforce

Apr 9, 2020 7:00:00 AM By Stu Sjouwerman

Corporate privacy concerns are more paramount right now than ever before. Organizations are being forced to maneuver a new world of security and privacy issues related to a remote ...

3 Lessons COVID-19 Can Teach Us About Cybersecurity

Apr 9, 2020 7:00:00 AM By James McQuiggan

It’s day 4,823 that I’ve been home for the stay at home order in the county where I live. Okay, so it feels like years, but it’s actually only been a few weeks. Like many of you, I can’t ...

Zoom's Recent Hypergrowth Challenges -- And How To Use It In A Secure Way

Apr 8, 2020 1:40:50 PM By Stu Sjouwerman

The massive uptick in use of the popular video conferencing service Zoom has resulted in a rise in stock price, a class action lawsuit, and a huge opportunity for cybercriminals.

Seven Tips to Optimize Security

Apr 7, 2020 8:47:06 AM By Javvad Malik

Data breaches continue, phishing attacks are on the rise, and people responsible for security wake up in a cold sweat a few times a year worried they’re the next victims.

The Best Computer Security Solvers Look Beyond the Problem

Apr 1, 2020 8:44:06 AM By Roger Grimes

Who doesn’t love a good computer security “cowboy”? That’s a man or a woman who is a recognized authority in their field of expertise, who groks their subject, who is truly a subject ...

The Paradox of Perfection

Mar 27, 2020 8:31:50 AM By Javvad Malik

One of the challenges with living in a hyper-connected world is that it’s easy for anyone to stand on a soapbox and point out when something is wrong.

Every Computer Defense Has Three Main Pillars

Mar 26, 2020 8:32:15 AM By Roger Grimes

Defense-in-Depth is a dogmatic term used in the computer defense industry to indicate that every computer defense has to be made up of multiple, overlapping defenses positioned to best ...

Security Awareness Training Blog

Cybersecurity Blog

View Topics