3 Essential Security Awareness Training Topics for 2021

3 Essential Security Awareness Training Topics for 2021 In 2021, organisations must lead the charge to educate the workforce on cyber security best practice. Threats are growing to become more sophisticated every day, and it is critical for employees to know how to defend their data and systems. Security awareness training is essential to keep your organisation protected, and it is indeed one of the most cost-efficient ways you can protect yourself from data breaches. Below we have listed 3 essential security awareness training topics to look out for in 2021. A Human Firewall A lot was achieved in 2020. The new era of remote working became the norm, despite the difficulties that came with it. Cyber threats, data hacks, threats to employee privacy and security and online fraud were just some of the issues that grew in importance. Businesses had to adapt to these challenges and develop new strategies

By |2021-07-08T09:05:23+00:00July 7th, 2021|Blog|0 Comments

SANS Security Awareness Announces Strategic Relationship with Elasticito

SANS Security Awareness Announces Further Expansion in Europe with Strategic Channel Sales Relationship with Elasticito   North Bethesda, MD, USA and London, UK – 6 JULY, 2021 – SANS Security Awareness, the global leader in providing security awareness training, today announces a new strategic partnership with Elasticito, a leading cyber risk advisory and solutions provider in Europe, to bring continuous security awareness programs to companies across the Europe, Middle East and Africa regions. There has never been a more important time for security awareness training The accelerated shift to digital and remote working, brought on by the COVID-19 pandemic has enabled new and productive ways of working.  It has also significantly increased interaction with sensitive information and data, combined with new collaborative ways of working, that has increased the urgency to assess, train and nurture security awareness to make employees think about privacy protection and security as a main priority.  

By |2021-07-07T06:05:03+00:00July 5th, 2021|Blog|0 Comments

Post-Pandemic Technology & Cyber Security Trends in Banking – Part 2

Post-Pandemic Technology & Cyber Security Trends in Banking – Part 2 In this second part of our review of key cyber and security-related technology trends in banking in the post-pandemic world, we look at the top cyber threats targeting banking and financial services organisations in 2021. We also look at some of the emerging cyber technologies being adopted and considered by banking and financial services organisations around the world. Over the last decade, cyber attacks have become an ever-growing threat for banks. Technology has advanced rapidly and threat actors have learned that banks are a lucrative target. Threat actors have evolved their techniques to make it difficult for any company to fend off the attacks. Cybersecurity is not an issue limited to industries involving technology only. It holds a critical value in banking since banks make millions of transactions each day, most of which are done on digital payment platforms. Without

By |2021-06-30T13:14:03+00:00June 30th, 2021|Blog|0 Comments

Post-Pandemic Technology & Cyber Security Trends in Banking – Part 1

Post-Pandemic Technology & Cyber Security Trends in Banking - Part 1 The banking sector is in the midst of a digital transformation that is causing its attack surface to grow, exposing organisations to increased levels of cyber threat activity. As more organisations adopt digital banking solutions, having effective cybersecurity programs has become more important than ever before for the banking industry. In this article we explore the post-pandemic technology and cyber security trends in banking.   Elasticito was recently approached by a financial services firm to provide some analysis on new technology and cyber trends within the banking and financial services industry.  A summary of our findings make up this blog post, but one common theme that we observed was that, despite the pandemic, the unstoppable momentum of digital transformation is causing a huge impact in the way that banking services are and will be delivered to customers over the

By |2021-06-23T15:56:32+00:00June 23rd, 2021|Blog|0 Comments

Mitigating a Ransomware Attack – Can Security Awareness Training Assist?

Mitigating a Ransomware Attack – Can Security Awareness Training Assist? As the frequency and cost of ransomware attacks continue to rise, solutions for ransomware mitigation and prevention must be at the top of every IT leader and department's list of priorities. Where most see crisis, cybercriminals see opportunity. In this article, learn how security leaders can meet the challenges of mitigating ransomware threats and phishing attacks. Is security awareness training the answer? Traditional ransomware tricks users into running it and then it replicates itself on various endpoints across the network. It then encrypts those systems and demands a ransom — usually some type of cryptocurrency — in exchange for a decryption key to rescue data and files. Since the start of the pandemic, there has been a global surge in ransomware attacks. 40% of organisations in the UK, US, Canada, and Germany have suffered from a ransomware attack in the last

By |2021-06-16T12:59:46+00:00June 16th, 2021|Blog|0 Comments

Security Assessment Questionnaire Response Automation

Making the case for Security Assessment Questionnaire Response Automation Business partnerships require trust – without it, success is very difficult to attain. In the current business landscape, however, it's increasingly difficult to tell whether a vendor is trustworthy and deserving of that trust. As information technology becomes more advanced, so do the ways in which trust can be broken. Today, the potential for intentional or unintentional breakage of it has increased multifold. Assessing security risk with questionnaires is one method to effectively understand the security risk that a vendor may pose to the business, particularly if you entrust them with your data. If you are reading this article, you’ve more than likely handled your fair share of security assessment questionnaires. Like us, you are probably frustrated by the entire process too. We would like to make the case for automated security questionnaires in the article below. The traditional approach to

By |2021-05-25T14:25:29+00:00May 25th, 2021|Blog|0 Comments

Building the case for Security Validation

Building the case for Security Validation Image credit: USA Today Events of the last month have shown that, despite best efforts and assumptions on how well protected corporate networks are, damaging Ransomware attacks and other cyber threats, continue to wreak havoc on companies and organisations in all industry sectors. Just in the last month, we have seen crippling Ransomware attacks on Colonial Pipeline, the Irish Health Service, the University of Portsmouth, and many others.  In most, if not all, of these cases, the IT and information security teams will undoubtedly have told their management teams and oversight Boards, that they had invested in adequate security controls and that they conduct regular penetration testing. So, it begs the question: why are corporate networks still so vulnerable to these attacks?  The answers to this are probably wide ranging, but one consistent theme is an assumption that corporate networks are protected because certain

By |2021-05-18T12:08:04+00:00May 18th, 2021|Blog|0 Comments

10 Tips for Detecting and Mitigating Phishing Attacks

10 Tips for Detecting and Mitigating Phishing Attacks Despite being a well known problem, phishing remains a significant issue for companies. Notwithstanding the increased sophistication of new malware and advanced persistent threats, phishing is still one of the most effective ways to breach networks, steal money and credentials, and exfiltrate data. Phishing can be the first stage in a sophisticated information-stealing attack. It's a tried and true method that cyber criminals have been using for years but are now adapting to their own needs. It remains pervasive because phishers get away with it so often. Read on for ways to detect and mitigate phishing attacks. There are many types of phishing attacks organisations must be wary of. The main outcomes of all phishing attempts are to steal credentials, instigate a ransomware attack, install malware or trick a person into making a payment for a fictitious service. “Phishing emails are one

By |2021-05-11T15:35:25+00:00May 11th, 2021|Blog|0 Comments

Ransomware: Facts, Risks, and Countermeasures

Ransomware: Facts, Risks, and Countermeasures Ransomware has been a major threat to cyber security in the past few years. The malware encrypts files, locking them and demanding a ransom to unlock them. These ransomware attacks have affected organisations, hospitals, schools, municipalities and enterprises. Ransomware is becoming more sophisticated and difficult to stop, with attackers increasingly encrypting data before demanding money to decrypt it. One thing is certain: ransomware attacks have many different appearances and come in all shapes and sizes. Continue reading to find out about the latest development in the fight against ransomware. Malware with a ransom note Ransomware is a type of malware that is used to encrypt files held on a computer in such a way that they can only be unencrypted by paying a ransom. Victims are told that they must pay the ransom, or risk to lose access to their files forever. Users are shown

By |2021-05-04T18:10:32+00:00May 4th, 2021|Blog|0 Comments

Cats, Dogs and Cyber Security

My wife is a cat person.  We have two fluff-ball Ragdoll cats, who are not allowed outside - mainly because we know that they have the capability to scale our garden wall, but probably not the ability to find their way home again! Recently, we adopted a rescue dog.  She is however, allowed into the garden; much to the chagrin of the cats.  This is because, to our knowledge, we do not believe that the dog has the capability of scaling our outer perimeter. In the information security world, we at Elasticito, spend a lot of time working with information security teams and senior management helping them to understand and manage cyber risks, threats and threat actor capabilities within the context of their businesses.  It seems to me, that the complex world of cyber security is actually not much more complex than the dynamics between cats, dogs and garden fences.

By |2021-04-27T20:28:44+00:00April 27th, 2021|Blog|0 Comments