Blog

The 2023 Gone Phishing Tournament Results: Everything You Need to Know

The results of Fortra’s Gone Phishing Tournament are here, and they highlight the potential power and danger of phishing across the world. This global test uncovered that 1 in 10 individuals are susceptible to these attacks, which would have led to 90,000 compromised passwords if the campaign had been an actual cyber attack. This year’s tournament featured an updated email...
Blog

Swipe Right on Cyber Security: Let’s Talk About Zodiac Signs

With Valentine’s Day upon us, our thoughts turn to love, compatibility, and cyber security. As Cupid strings his bow this Valentine’s Day, let’s explore how the stars might be influencing your approach to online security. Are you a Leo who roars against cyber threats, or a Pisces swimming through the sea of digital privacy? Remember, while the universe might hold many...
Blog

The 7 Most Dangerous Healthcare Cyber Attacks

While industries like banking and software can be devastated by cyber attacks, no other field is impacted by hackers like healthcare. As an example, it’s hard to forget attacks like the ransomware that brought all 400 locations of Universal Health Services to a standstill for months in the United States. Healthcare facilities often can’t operate if they don’t have access to...
Blog

Law 25: Everything You Need To Know to Ensure Compliance

Online privacy and data protection have become pressing issues in recent years that many governments have decided to legislate. The Legault CAQ government has been behind many digital-related innovations, so it’s not surprising to see legislation like this. This law is a legislative update since existing laws inadequately address digital data. It should be noted that Law 25...
Blog

The Evolution and Limitations of Multi-Factor Authentication

As careers, banking, and healthcare move online, the need for more secure authentication has become increasingly urgent. While passwords have been adopted as the most common form of authentication, they pose many problems in terms of cyber security. In recent years, especially since the rise of remote work in 2019, the adoption of multi-factor authentication (MFA) has steadily...
Blog

The 5 Most Spoofed Brands in the World

“On the internet, nobody knows you’re a dog.” Cartoon by Peter Steiner

There’s a reason this cartoon gained popularity in 1993 and has now become an iconic representation of how the internet works. The internet provides a way for people to hide their real identities, which can unfortunately lead to dishonest activities. Nowadays, scammers take advantage of this to...
Blog

Updated FCC Legislation Could Mean New Data Privacy Requirements for Telecoms

Telecommunications companies (telecoms) have been prime targets for cyber attackers. They operate critical infrastructure, and vast amounts of customer data pass through their networks. The United States Federal Communications Commission (FCC) is aiming to strengthen data security with new regulations around data breach reporting by communications carriers. The agency...
Blog

The California Privacy Rights Act (CPRA) and How it Affects Your Business

New regulations are already keeping IT professionals on their toes in 2023. One monumental change for California residents and businesses is the California Privacy Rights Act (CPRA). The legislation came into force on January 1, 2023. Legislators drafted the new rules to empower consumers and close gaps in the California Consumer Privacy Act (CCPA). The CPRA gives customers...
Blog

March 2023 Marks the 19th Anniversary of Fraud Prevention Month in Canada

March is Fraud Prevention Month, and Terranova Security wants to take this opportunity to emphasize the importance of raising awareness on information security best practices. Let’s stop online fraud in its tracks. As security professionals focused on Information Security Awareness (ISA), much of what we do is fraud prevention. Our aims and actions have a direct link to Fraud...
Blog

7 Types of Spoofing Attacks And How To Detect Them

Spoofing refers to an attack where hackers use various ways to disguise their identity so that their victims think they are talking to their coworker, boss, or business. The methods used to achieve this are the typical phishing tropes such as fake websites, links, and social engineering. When spoofing is involved, it’s often more helpful to focus on detecting the facade rather...
Blog

Security Awareness and Working From Home: What About Devices with Personal Voice Assistants?

Personal voice assistants have proven to be a great technological innovation that improves lives daily. With 4.2 billion of these devices in use in 2020, they are no longer just a novelty, and, with workers staying home for the foreseeable future, voice assistants could pose a sizeable security risk. Voice assistants are mostly known as standalone speakers that people talk to...
Blog

How to Protect Against Identity Theft

Imagine waking up one day and the organizations you deal with – your bank, your workplace, the tax office, your educational institution – don’t recognize you as you. Sounds like science fiction, right? In its extreme version, it is. But versions of this story are playing out for people and organizations daily as incidences of identity theft occur more frequently around the...
Blog

Don’t Be Fooled By A Spoofing Attack

Know how to identify and prevent a spoofing attack

Spoofing attacks are the ultimate form of cybercriminal trickery and deception. Cybercriminals disguise themselves and rely on trust to steal confidential information, install ransomware, and commit other cybercrimes. Spoofing comes down to trust. Cybercriminals hide behind trusted people, domains, URLs, and the technical...
Blog

Consumerization of IT Through BYOD: Is Your Company Ready?

The consumerization of IT is when employees use their own personal mobile devices, such as laptop computers, tablets, smart phones, etc. at work, referred to as BYOD (bring your own device). This use is becoming increasingly common and exposes companies to a variety of risks, including the protection of personal information. Canadian businesses appear to be leading the world...
Blog

Governance and Information Security

Information security governance is a subset of corporate governance and can complete or encompass the governance of information technologies. It directs or strategically aligns information security activities and ensures that the company’s business objectives are reached. It also guarantees that information security risks are adequately managed and that information resources...
Blog

Business Continuity Management Program BCM (part 2)

As a follow-up to the Business Continuity Management program article, here is a more detailed description of the development and implementation phase objectives and content of the Business Continuity Plan (BCP) for major incidents. This plan is in fact a set of plans which is comprised of the following main components:

Emergency action plan and damage assessment

This is a...

The ISO/IEC 27002 Standard

The ISO/IEC 27002 standard is part of a family of international standards (ISO 27000) for the management of information security. It includes the best industry practices to protect the availability, integrity and confidentiality of information. A risk assessment is initially necessary to identify priority controls to be implemented within a company in order to improve the...

Identity Theft

Identity theft is not a new phenomenon, but has evolved with the advent of information technology. Nowadays, access to a large amount of information available on the Internet, the exploitation of IT or the use of various scams allow fraudsters to obtain private or confidential information about their victims in order to steal their identity and then commit malfeasance. ...
Blog

Supplementary guide to achieving PCI-DSS compliance cloud computing

Cloud computing services require special attention with regard to information security and privacy. This is especially important when using credit card data while cloud computing in order to meet PCI-DSS ("Payment Card Industry – Data Security Standard") standards. To this end, the SSC ("Standard Security Council") published a document entitled “Information Supplement: PCI DSS...