3 Essential Security Awareness Training Topics for 2021
In 2021, organisations must lead the charge to educate the workforce on cyber security best practice. Threats are growing to become more sophisticated every day, and it is critical for employees to know how to defend their data and systems. Security awareness training is essential to keep your organisation protected, and it is indeed one of the most cost-efficient ways you can protect yourself from data breaches. Below we have listed 3 essential security awareness training topics to look out for in 2021.
A Human Firewall
A lot was achieved in 2020. The new era of remote working became the norm, despite the difficulties that came with it. Cyber threats, data hacks, threats to employee privacy and security and online fraud were just some of the issues that grew in importance. Businesses had to adapt to these challenges and develop new strategies
SANS Security Awareness Announces Further Expansion in Europe with Strategic Channel Sales Relationship with Elasticito
North Bethesda, MD, USA and London, UK – 6 JULY, 2021 – SANS Security Awareness, the global leader in providing security awareness training, today announces a new strategic partnership with Elasticito, a leading cyber risk advisory and solutions provider in Europe, to bring continuous security awareness programs to companies across the Europe, Middle East and Africa regions.
There has never been a more important time for security awareness training
The accelerated shift to digital and remote working, brought on by the COVID-19 pandemic, has enabled new and productive ways of working. It has also significantly increased interaction with sensitive information and data which, combined with new collaborative ways of working, has increased the urgency to assess, train and nurture security awareness to make employees think about privacy protection and security as a main priority.
Mitigating a Ransomware Attack – Can Security Awareness Training Assist?
As the frequency and cost of ransomware attacks continue to rise, solutions for ransomware mitigation and prevention must be at the top of every IT leader and department's list of priorities. Where most see crisis, cybercriminals see opportunity. In this article, learn how security leaders can meet the challenges of mitigating ransomware threats and phishing attacks.
Is security awareness training the answer?
Traditional ransomware tricks users into running it and then it replicates itself on various endpoints across the network. It then encrypts those systems and demands a ransom — usually some type of cryptocurrency — in exchange for a decryption key to rescue data and files. Since the start of the pandemic, there has been a global surge in ransomware attacks. 40% of organisations in the UK, US, Canada, and Germany have suffered from a ransomware attack in the last
Making the case for Security Assessment Questionnaire Response Automation
Business partnerships require trust – without it, success is very difficult to attain. In the current business landscape, however, it's increasingly difficult to tell whether a vendor is trustworthy and deserving of that trust. As information technology becomes more advanced, so do the ways in which trust can be broken. Today, the potential for trust to be broken, intentionally or unintentionally, has increased multifold. Assessing security risk with questionnaires is one method to effectively understand the security risk that a vendor may pose to the business, particularly if you entrust them with your data. If you are reading this article, you’ve more than likely handled your fair share of security assessment questionnaires. Like us, you are probably frustrated by the entire process too. We would like to make the case for automated security questionnaires in the article below. The traditional approach to
10 Tips for Detecting and Mitigating Phishing Attacks
Despite being a well-known problem, phishing remains a significant issue for companies. Notwithstanding the increased sophistication of new malware and advanced persistent threats, phishing is still one of the most effective ways to breach networks, steal money and credentials, and exfiltrate data. Phishing can be the first stage in a sophisticated information-stealing attack. It's a tried and true method that cyber criminals have been using for years but are now adapting to their own needs. It remains pervasive because phishers get away with it so often. Read on for ways to detect and mitigate phishing attacks. There are many types of phishing attacks organisations must be wary of. The main outcomes of all phishing attempts are to steal credentials, instigate a ransomware attack, install malware or trick a person into making a payment for a fictitious service. “Phishing emails are one
Ransomware: Facts, Risks, and Countermeasures
Ransomware has been a major threat to cyber security in the past few years. The malware encrypts files, locking them and demanding a ransom to unlock them. These ransomware attacks have affected organisations, hospitals, schools, municipalities and enterprises. Ransomware is becoming more sophisticated and difficult to stop, with attackers increasingly encrypting data before demanding money to decrypt it. One thing is certain: ransomware attacks have many different appearances and come in all shapes and sizes. Continue reading to find out about the latest development in the fight against ransomware.
Malware with a ransom note
Ransomware is a type of malware that is used to encrypt files held on a computer in such a way that they can only be decrypted by paying a ransom. Victims are told that they must pay the ransom, or risk losing access to their files forever. Users are shown
The Ransomware Revolution
In recent years, we’ve seen a fundamental shift in how threat actors approach ransomware. Threat actors today are not as interested in taking credit for encrypting files and escaping with stolen funds or valuable data. They’re more focused on destroying backups and exfiltrating data before they can be recovered. According to Forbes, this significant alteration has increased the scope of cyber attacks, raising ransom payments much higher than prior averages. Forbes emphasises that average ransomware payments have steadily risen over the past five years, from less than $300 in 2015 to $6,700 in 2018 to $111,000 in 2020. Continue reading to find out more about the ransomware revolution.
The State of Ransomware in 2021
Ransomware was the most common cyber threat to organisations in 2020. It is especially prevalent among finance, e-commerce, and healthcare companies. In addition to the costs of security incidents, ransomware also has a negative impact on victim companies'
Security Awareness Training – are organisations doing enough?
Security awareness training is a vital way to prepare employees for the threats that surround them. After all, your employees are your cyber security team's first line of defense. The strength of your cyber security program depends on the security awareness your employees possess. In order for you to establish a security-aware culture, it's essential that you have an ongoing commitment from everyone: managers, all departments, and people in your organisation. It essentially means everyone needs to be on board, aware of what goes on, and supportive of the effort. An effective security awareness training program must be informed by regular training sessions, not just a single quarterly email about phishing. The key benefit of security awareness training lies in the fact that it equips employees with the knowledge they need to combat these threats. Continue reading to find out if
Are dashboards the future of cyber security reporting? Part 1
Today, C-level executives are making more of an investment in IT security than ever before. In response, information security officers are now regularly needed to report on the security posture of their organisation and communicate their findings to the board. Now more than ever, CISOs and their lieutenants are in need of robust reports that provide visibility into security-related metrics. The legacy reporting tools that used to be the standard for CISOs are becoming obsolete and ineffective. More cyber security activities than ever before require detailed and condensed reports. Pulling together a few useful documents and summaries is no longer enough; CISOs need deep dives that provide visibility into critical security metrics. Join us as we explore new technologies to answer a single question: are dashboards the future of cyber security reporting?
Data visualisations and considerations
Data is only as
4 Tips for a successful cyber threat intelligence program
The information security threat landscape is constantly evolving, becoming more complex and, in many cases, overpowering the security environment. The number of successful hacker attacks each day is increasing. Cyber criminals are continually developing new ways to disrupt organisations via cyberextortion, supply chain hacks, and other cunning tactics. An organisation's security team must be more proactive in planning for and dealing with these threats. One of the ways to do this is to make use of cyber threat intelligence (CTI). Here’s how to get the most from your CTI program.
What is cyber threat intelligence?
In essence, cyber threat intelligence can identify and analyse cyber threats to your organisation. It’s what becomes of data after it’s been gathered, processed and analysed. CTI relies heavily on analysis: sifting through large amounts of data to spot realistic problems and then deploying suitable solutions