Click Armor’s new online phishing awareness game is now free to everyone at http://canibephished.com, to test your proficiency at spotting potentially unsafe email messages.
It is inevitable that cyberattackers will increasingly target the emotions of employees to get them to react without thinking about related risks. Continuous cybersecurity awareness is the best way to help staff prepare for those emotional situations, and improve resilience to attacks.
Why attackers who infect your system may try double dipping if you don’t pay them. Another reason to avoid ransomware at all costs.
When employees have conflicting priorities they may take actions that they think will make them most productive. This can introduce risks into business processes. Management has to take some responsibility beyond saying “be more careful.”
There are many ways that weaknesses in a business process can be exploited by an attacker. This case study illustrates how a contractor was scammed by a fake pricing proposal with updated payment information.
Achieving compliance should not be the goal of a board of directors or C-suite. Aiming for a more mature risk-based approach that uses gamified learning will provide better assurance, and better value that traditional compliance-based security awareness training.
If your organization’s security awareness training is causing training fatigue, can it really be helping employees to resist cyber attacks?