October 8, 2024 at 01:04PM Cybersecurity Awareness Month promotes security best practices and empowers organizations to create a culture of security. Companies like AWS, IBM, Intuit, SentinelOne, and Gallo use this month to educate, engage, and inspire their employees and communities. Programs include online and physical security training, expert-led discussions, and educational initiatives for students. … Read more
July 17, 2024 at 07:18AM The text outlines the threat posed by accidental insiders in cybersecurity. It discusses how employees, through lack of awareness or pressure to perform, can compromise security. The text highlights the potential consequences of such breaches and proposes proactive measures to mitigate the risk, emphasizing the importance of training, organizational controls, … Read more
June 24, 2024 at 10:03AM The recent settlement between the US Securities and Exchange Commission (SEC) and Intercontinental Exchange Inc. (ICE) emphasizes cybersecurity and corporate accountability issues. The severe cyberattack on ICE’s subsidiary exposed sensitive information and highlighted inadequate cybersecurity measures. The SEC’s proactive investigation and the $10 million settlement underscore the need for robust … Read more
April 12, 2024 at 05:30AM A LastPass employee was recently targeted in a phishing attack using deepfake technology, with threat actors impersonating the company’s CEO. The employee, suspicious of the urgency and communication outside of normal business hours, ignored the messages and reported the incident. LastPass emphasizes the increasing use of deepfakes in cyber attacks … Read more
April 4, 2024 at 10:20AM CISOs must go beyond checklist approach for cybersecurity. It’s crucial to gain board support, improve communication, and provide awareness training to combat social engineering. This proactive approach fosters companywide engagement in protecting against digital threats. Based on the meeting notes, the key action points are: 1. CISOs need to secure … Read more
February 28, 2024 at 10:08AM The article discusses the rising threat of phishing attacks, including recent high-profile incidents and actionable tips to mitigate risks. It emphasizes the importance of employee training, advanced email filtering, and multi-factor authentication to bolster defense. Additionally, it advocates for security automation to streamline incident response and proactively address potential threats. … Read more
February 12, 2024 at 02:17PM The French data protection agency, CNIL, is investigating two data breaches at payment processors affecting nearly half of the country’s population. Cyberattackers accessed data for 33 million citizens through phishing attacks. The compromised personally identifiable information includes details often used for social engineering attacks. This highlights the vulnerability of businesses … Read more
January 3, 2024 at 10:08AM The rise in corporate espionage underscores the need to safeguard sensitive corporate information. Implementing five key strategies can help prevent and mitigate such risks: insist on nondisclosure agreements, know and control trade secrets, perform due diligence, train employees, and promptly investigate suspected activity. This multifaceted approach enhances protection against corporate … Read more
December 11, 2023 at 04:30PM Cyber attackers used hundreds of convincing fake profiles on LinkedIn to target professionals in Saudi Arabia for financial fraud and obtaining sensitive corporate information. Researchers uncovered nearly a thousand fake profiles, which, due to the platform’s extensive data, were difficult to distinguish from real accounts. LinkedIn’s popularity among cyber attackers … Read more
October 20, 2023 at 05:32PM Employees experience a physical “escape room” to enhance security awareness. They role-play as criminal social engineers and identify vulnerabilities in a mock office space. The aim is for employees to understand the importance of physical security and remember practices like keeping whiteboards clean, locking laptops, and hiding or shredding documents. … Read more