Blog

GPT-Summary-2023-EN
Blog

The 2023 Gone Phishing Tournament Results: Everything You Need to Know

Tue, 02/20/2024
The results of Fortra’s Gone Phishing Tournament are here, and they highlight the potential power and danger of phishing across the world. This global test uncovered that 1 in 10 individuals are susceptible to these attacks, which would have led to 90,000 compromised passwords if the campaign had been an actual cyber attack. This year’s tournament featured an updated email...
Compliance
Security Awareness Training
cyber security swipe right blog image
Blog

Swipe Right on Cyber Security: Let’s Talk About Zodiac Signs

Mon, 02/12/2024
With Valentine’s Day upon us, our thoughts turn to love, compatibility, and cyber security. As Cupid strings his bow this Valentine’s Day, let’s explore how the stars might be influencing your approach to online security. Are you a Leo who roars against cyber threats, or a Pisces swimming through the sea of digital privacy? Remember, while the universe might hold many...
Compliance
Data Privacy
Security Awareness Training
Most-Dangerous-Healthcare-Cyber-Attacks-EN
Blog

The 7 Most Dangerous Healthcare Cyber Attacks

Fri, 02/02/2024
While industries like banking and software can be devastated by cyber attacks, no other field is impacted by hackers like healthcare. As an example, it’s hard to forget attacks like the ransomware that brought all 400 locations of Universal Health Services to a standstill for months in the United States. Healthcare facilities often can’t operate if they don’t have access to...
Compliance
Security Awareness Training
Law 25: Everything You Need To Know to Ensure Compliance
Blog

Law 25: Everything You Need To Know to Ensure Compliance

Fri, 01/26/2024
Online privacy and data protection have become pressing issues in recent years that many governments have decided to legislate. The Legault CAQ government has been behind many digital-related innovations, so it’s not surprising to see legislation like this. This law is a legislative update since existing laws inadequately address digital data. It should be noted that Law 25...
Compliance
Blog

The Evolution and Limitations of Multi-Factor Authentication

Mon, 01/22/2024
As careers, banking, and healthcare move online, the need for more secure authentication has become increasingly urgent. While passwords have been adopted as the most common form of authentication, they pose many problems in terms of cyber security. In recent years, especially since the rise of remote work in 2019, the adoption of multi-factor authentication (MFA) has steadily...
Compliance
Data Privacy
Security Awareness Training
Updated FCC Legislation Could Mean New Data Privacy Requirements for Telecoms
Blog

Updated FCC Legislation Could Mean New Data Privacy Requirements for Telecoms

Mon, 08/14/2023
Telecommunications companies (telecoms) have been prime targets for cyber attackers. They operate critical infrastructure passage, and vast amounts of customer data pass through their networks. The United States Federal Communications Commission (FCC) is aiming to strengthen data security with new regulations around data breach reporting by communications carriers. The agency...
Compliance
The California Privacy Rights Act (CPRA) and How it Affects Your Business
Blog

The California Privacy Rights Act (CPRA) and How it Affects Your Business

Thu, 03/23/2023
New regulations are already keeping IT professionals on their toes in 2023. One monumental change for California residents and businesses is the California Privacy Rights Act (CPRA). The legislation came into force on January 1, 2023. Legislators drafted the new rules to empower consumers and close gaps in the California Consumer Privacy Act (CCPA). The CPRA gives customers...
Compliance
Data Privacy
The Security Risks of Improper Employee Offboarding and How to Prevent It
Blog

The Security Risks of Improper Employee Offboarding and How to Prevent It

Fri, 03/17/2023
Employees come and go for a variety of reasons. If you’re lucky, they’ll be very cooperative with the offboarding process, but this isn’t always the case. And even if they are, you still have to take it with a grain of salt. Some say that calm and cooperative offboarding is often the most dangerous because people aren’t as diligent when the situation seems lax. If these...
Cyber Threats
Human Risk
How to Transition from Data Protection to Cyber Culture
Blog

How to Transition from Data Protection to Cyber Culture

Wed, 12/28/2022
The way we think about data protection is changing. Cyber culture is emerging as the new norm, and organizations must adapt their strategies to stay ahead of the curve. Data protection has traditionally focused on preventing breaches and protecting sensitive information. However, cyber culture goes beyond this by encompassing all aspects of online life. It includes everything...
Cyber Threats
Human Risk
How to Protect Your Sensitive Information from Word Document Malware
Blog

How to Protect Your Sensitive Information from Word Document Malware

Tue, 12/27/2022
If you’re a company that uses email scanning technology as the first line of cyber defense, you should know about a recent slate of malicious Word document-based attacks. These attacks are designed to deliver malware and ransomware to targeted systems. Security researchers at Cisco Talos recently identified an attack where Word document files attached to emails were used to...
Cyber Threats
Malware
Office 365
What You Need to Know About The Office-365 Phishing Campaign Targeting C-Suite Executives
Blog

What You Need to Know About The Office-365 Phishing Campaign Targeting C-Suite Executives

Fri, 02/12/2021
During the last week of January 2021, cyber security provider TrendMicro shared a blog post highlighting an Office-365 phishing campaign that criminals have targeted executives within manufacturing, tech, real estate, government, and finance since May 2020. As part of the scam, fraudsters sent the victims fake emails with links to a phishing site, where they harvested their...
Cyber Threats
CEO Fraud
Phishing
Office 365
Learn How Security Awareness Can Help Prevent Insider Threats in Your Organization
Blog

Learn How Security Awareness Can Help Prevent Insider Threats in Your Organization

Tue, 12/08/2020
Actionable security awareness tips on how employees can prevent insider threats  A misplaced USB drive with confidential data. An opportunistic employee sharing confidential information with a competitor. An employee who accidentally clicks a phishing email. These are all examples of insider threats to your organization. Insider threats unfortunately are not simply the stuff...
Cyber Threats
Human Risk
Security Awareness Training
The 2020 Security Awareness Virtual Summit for Partners: Here’s What You Need to Know
Blog

The 2020 Security Awareness Virtual Summit for Partners: Here’s What You Need to Know

Mon, 10/26/2020
Robust, engaging security awareness training is an essential part of strong cyber security practices, especially given the accelerated digital transformation and shift by many organizations to remote workforces. It can also be a crucial value-added product for resellers, distributors, MSSPs, OEMs partners and technology partners, who are looking to expand their portfolio,...
Office 365
Security Awareness Training
How to Protect Your Data from the Microsoft Office 365 Phishing Scam
Blog

How to Protect Your Data from the Microsoft Office 365 Phishing Scam

Fri, 07/31/2020
Since December 2019, there has been a coordinated campaign of phishing attempts targeting Office 365 users. Cyber criminals have sent spoofed email, gathering the login credentials and payment details of Microsoft accounts in over 62 countries. According to one report, despite a 42% reduction in phishing attempts in 2019, scams like this Microsoft Office 365 campaign remain a...
Cyber Threats
Phishing
Office 365
Terranova Security Partners with Microsoft
Press Release

Terranova Security Partners with Microsoft

Thu, 02/20/2020
Bringing the Best in Security Awareness Content to Microsoft Customers Terranova Security has announced that it has partnered with Microsoft Microsoft is leveraging our phishing, security awareness, social engineering, and cyber security content in Microsoft Office 365 Advanced Threat Capabilities (Office 365 ATP). “Microsoft’s technology and platform enriches us with...
Office 365
Security Awareness Training
Cyber Security Breaches – Reduce The Human Risk Factor
Blog

Cyber Security Breaches – Reduce The Human Risk Factor

Wed, 10/24/2018
You can have the most powerful, cutting-edge security technology in the world, but if a user clicks on the link in a malicious email, lets a stranger tailgate into your building or uses 1234 as their login password, they unwittingly open your organization up to a cyber security breach. The fact is that the human risk factor remains your greatest point of vulnerability when it...
Cyber Threats
Human Risk
Data Breach
Blog

Governance and Information Security

Thu, 02/13/2014
Information security governance is a subset of corporate governance and can complete or encompass the governance of information technologies. It directs or strategically aligns information security activities and ensures that the company’s business objectives are reached. It also guarantees that information security risks are adequately managed and that information resources...
Compliance
Blog

Business Continuity Management Program BCM (part 2)

Tue, 09/17/2013
As a follow up to the Business Continuity Management program article, here is a more detailed description of the development and implementation phase objectives and content of the Business Continuity Plan (BCP) for major incidents. This plan is in fact a set of plans which is comprised of the following main components: Emergency action plan and damage assessment This is a...
Compliance

The ISO/IEC 27002 Standard

Sun, 09/15/2013
The ISO/IEC 27002 standard is part of a family of international standards (ISO 27000) for the management of information security. It includes the best industry practices to protect the availability, integrity and confidentiality of information. A risk assessment is initially necessary to identify priority controls to be implemented within a company in order to improve the...
Compliance
Blog

Supplementary guide to achieving PCI-DSS compliance cloud computing

Tue, 05/28/2013
Cloud computing services require special attention in regards to information security and privacy. This is especially important when using credit card data while cloud computing in order to meet PCI-DSS ("Payment Card Industry – Data Security Standard") standards. To this end, the SSC ("Standard Security Council") published a document entitled “Information Supplement: PCI DSS...
Cloud Security
Compliance