Rewind
All the content from last year’s PeepSec, Impact and flagship industry events
Top Takeaways from GTR Asia 2020
Global Trade Review
Categorizing human phishing difficulty: a Phish Scale
As organizations continue to invest in phishing awareness training programs, many chief information security officers (CISOs) are concerned when their training exercise click rates are high or variable, as they must justify training budgets to organization officials...
Post-pandemic, CISOs are overlooking cyber security
In the new normal, we need to make the most of every defence we have “OK, hit me with it,” says Chief Technology Officer Xu Parker to his CISO, Jeff Jones. Jeff has had ample time to prepare for the Zoom meeting. He’s ready for the question. He purses his lips....
Passive- and not active-risk tendencies predict cyber security behavior
Vulnerabilities to online cyber-related crime are typically the result of poor decisions on the part of users. To date, research on risk-taking behavior applied to cyber-security situations has concentrated mainly on the risks that stem from active behavioral choices...
When believing in technology leads to poor cyber security: Development of a Trust in Technical Controls Scale
While technical controls can reduce vulnerabilities to cyber threats, no technology provides absolute protection and we hypothesised that people may act less securely if they place unwarranted trust in these automated systems. This paper describes the development of a...
UK workers using unauthorized personal devices to work from home
ITProPortal
Poor Cybersecurity Behaviors Prevalent Amongst UK Remote Workers
InfoSecurity Magazine
A quarter of UK office workers use unauthorized devices to work from home
BetaNews
We thought we needed to secure remote workers. We were wrong.
Post-COVID, we need to do a great deal more It’s CybSafe’s monthly virtual All Hands meeting. We’re 15 minutes in. And CEO Oz Alashe has just announced some significant news: Following COVID, no CybSafe employee will be bound to a physical office. Instead, CybSafe...
Strengthen security culture through communications and awareness programs
Formally adopted security policies, well-defined security governance, and clear security-related roles in the business are prerequisites for a successful security program. But in the background behind the visible security governance and security program machinery is...
An investigation of phishing awareness and education over time: When and how to best remind users
Security awareness and education programmes are rolled out in more and more organisations. However, their effectiveness over time and, correspondingly, appropriate intervals to remind users’ awareness and knowledge are an open question. In an attempt to address this...
Theoretical domains framework applied to cyber security behaviour
The challenge of changing user cybersecurity behaviour is now in the foreground of cybersecurity research. To understand the problem, cybersecurity behaviour researchers have included, into their studies, theories from the Psychology domain. Psychology makes use of...
A practice-based approach to security management: Materials, meaning and competence for trainers of healthcare cyber security
Managing how new digital technologies are integrated into different contexts has become a key component needed for effective international security management. This chapter focuses on rethinking our approach to the integration of digital technologies within...
4 in 10 organisations punish staff for cybersecurity errors
HelpNetSecurity
Many organizations taking disciplinary action over cybersecurity blunders
ITProPortal
Zero-trust is up post-COVID-19, but you’d be wrong for thinking it will keep networks safe
“Now a good chunk of your critical assets are behind the firewall, but all your employees are not.” That’s what NetMotion CEO Christopher Kenessey said recently. He was summarising the problem we’re all facing: All of a sudden, the working world has changed. How can...
Punishing cybersecurity errors found to be counterproductive
InfoSecurity Magazine
Intro to Cyber Security
A beginner’s introduction to cyber security & the human aspect of cyber security This list of free (or cheap) resources is a good introduction to cyber security, computer science and the human aspect of cyber security. It's by no means exhaustive, covering only...
Insider threat detection based on anomalous behavior of user for cyber security
In today’s competitive world, business security is essential. To secure the business processes and confidential data, organizations have to protect the system by implementing new policies and techniques to detect the threats and control it. Threats for cybersecurity...
Exploring phishing susceptibility attributable to authority, urgency, risk perception and human factors
Security breaches nowadays are not limited to technological orientation. Research in the information security domain is gradually shifting towards human behavioral orientation toward breaches that target weaknesses arising from human behaviors (Workman et al., 2007)....
Overcoming gender disparity in cyber security profession
The workforce shortage and gender disparity in cybersecurity profession pose a greater risk to the digital economies from cyber adversaries. The global efforts and initiatives for women to pursue career in cybersecurity field tend to be lesser than men along with...