Blog

GPT-Summary-2023-EN
Blog

The 2023 Gone Phishing Tournament Results: Everything You Need to Know

Tue, 02/20/2024
The results of Fortra’s Gone Phishing Tournament are here, and they highlight the potential power and danger of phishing across the world. This global test uncovered that 1 in 10 individuals are susceptible to these attacks, which would have led to 90,000 compromised passwords if the campaign had been an actual cyber attack. This year’s tournament featured an updated email...
Compliance
Security Awareness Training
cyber security swipe right blog image
Blog

Swipe Right on Cyber Security: Let’s Talk About Zodiac Signs

Mon, 02/12/2024
With Valentine’s Day upon us, our thoughts turn to love, compatibility, and cyber security. As Cupid strings his bow this Valentine’s Day, let’s explore how the stars might be influencing your approach to online security. Are you a Leo who roars against cyber threats, or a Pisces swimming through the sea of digital privacy? Remember, while the universe might hold many...
Compliance
Data Privacy
Security Awareness Training
quishing EN
Blog

What is Quishing?

Fri, 02/09/2024
QR codes have come a long way since being invented in 1994 by a subsidiary of Toyota. Initially introduced to address some limitations of barcodes during the car manufacturing process, QR codes have since become staples in people’s day-to-day lives. The introduction of high-powered cameras to most modern smartphones is what allowed these codes to gain new uses. QR codes,...
Cyber Threats
Phishing
Mobile Security
Security Awareness Training
Phishing Simulation
Most-Dangerous-Healthcare-Cyber-Attacks-EN
Blog

The 7 Most Dangerous Healthcare Cyber Attacks

Fri, 02/02/2024
While industries like banking and software can be devastated by cyber attacks, no other field is impacted by hackers like healthcare. As an example, it’s hard to forget attacks like the ransomware that brought all 400 locations of Universal Health Services to a standstill for months in the United States. Healthcare facilities often can’t operate if they don’t have access to...
Compliance
Security Awareness Training
Law 25: Everything You Need To Know to Ensure Compliance
Blog

Law 25: Everything You Need To Know to Ensure Compliance

Fri, 01/26/2024
Online privacy and data protection have become pressing issues in recent years that many governments have decided to legislate. The Legault CAQ government has been behind many digital-related innovations, so it’s not surprising to see legislation like this. This law is a legislative update since existing laws inadequately address digital data. It should be noted that Law 25...
Compliance
Blog

The Evolution and Limitations of Multi-Factor Authentication

Mon, 01/22/2024
As careers, banking, and healthcare move online, the need for more secure authentication has become increasingly urgent. While passwords have been adopted as the most common form of authentication, they pose many problems in terms of cyber security. In recent years, especially since the rise of remote work in 2019, the adoption of multi-factor authentication (MFA) has steadily...
Compliance
Data Privacy
Security Awareness Training
The 5 Most Spoofed Brands in the World
Blog

The 5 Most Spoofed Brands in the World

Fri, 11/10/2023
“On the internet, nobody knows you’re a dog.”     Cartoon by Peter Steiner There’s a reason this cartoon gained popularity in 1993 and has now become an iconic representation of how the internet works. The internet provides a way for people to hide their real identities, which can unfortunately lead to dishonest activities. Nowadays, scammers take advantage of this to...
Cyber Threats
Spoofing
Updated FCC Legislation Could Mean New Data Privacy Requirements for Telecoms
Blog

Updated FCC Legislation Could Mean New Data Privacy Requirements for Telecoms

Mon, 08/14/2023
Telecommunications companies (telecoms) have been prime targets for cyber attackers. They operate critical infrastructure passage, and vast amounts of customer data pass through their networks. The United States Federal Communications Commission (FCC) is aiming to strengthen data security with new regulations around data breach reporting by communications carriers. The agency...
Compliance
Android vs iOS: Which Operating System is Safer?
Blog

Android vs iOS: Which Operating System is Safer?

Mon, 07/10/2023
Cellphones have seen one of the most dramatic technological growths of any hardware in recent history. From simple portable phones a few decades ago, they’ve become fully-fledged computers with their own OS and applications used daily by most people worldwide. Smartphones have become such a fixture of life, and hackers and scammers have been working to exploit these devices...
Mobile Security
The California Privacy Rights Act (CPRA) and How it Affects Your Business
Blog

The California Privacy Rights Act (CPRA) and How it Affects Your Business

Thu, 03/23/2023
New regulations are already keeping IT professionals on their toes in 2023. One monumental change for California residents and businesses is the California Privacy Rights Act (CPRA). The legislation came into force on January 1, 2023. Legislators drafted the new rules to empower consumers and close gaps in the California Consumer Privacy Act (CCPA). The CPRA gives customers...
Compliance
Data Privacy
The Security Risks of Improper Employee Offboarding and How to Prevent It
Blog

The Security Risks of Improper Employee Offboarding and How to Prevent It

Fri, 03/17/2023
Employees come and go for a variety of reasons. If you’re lucky, they’ll be very cooperative with the offboarding process, but this isn’t always the case. And even if they are, you still have to take it with a grain of salt. Some say that calm and cooperative offboarding is often the most dangerous because people aren’t as diligent when the situation seems lax. If these...
Cyber Threats
Human Risk
How to Transition from Data Protection to Cyber Culture
Blog

How to Transition from Data Protection to Cyber Culture

Wed, 12/28/2022
The way we think about data protection is changing. Cyber culture is emerging as the new norm, and organizations must adapt their strategies to stay ahead of the curve. Data protection has traditionally focused on preventing breaches and protecting sensitive information. However, cyber culture goes beyond this by encompassing all aspects of online life. It includes everything...
Cyber Threats
Human Risk
7 Types of Spoofing Attacks And How To Detect Them
Blog

7 Types of Spoofing Attacks And How To Detect Them

Fri, 05/20/2022
Spoofing refers to an attack where hackers use various ways to disguise their identity so that their victims think they are talking to their coworker, boss, or business. The methods used to achieve this are the typical phishing tropes such as fake websites, links, and social engineering. When spoofing is involved, it’s often more helpful to focus on detecting the facade rather...
Cyber Threats
Spoofing
Learn How Security Awareness Can Help Prevent Insider Threats in Your Organization
Blog

Learn How Security Awareness Can Help Prevent Insider Threats in Your Organization

Tue, 12/08/2020
Actionable security awareness tips on how employees can prevent insider threats  A misplaced USB drive with confidential data. An opportunistic employee sharing confidential information with a competitor. An employee who accidentally clicks a phishing email. These are all examples of insider threats to your organization. Insider threats unfortunately are not simply the stuff...
Cyber Threats
Human Risk
Security Awareness Training
This is Why You Need Mobile Responsive Security Awareness Training
Blog

This is Why You Need Mobile Responsive Security Awareness Training

Tue, 06/30/2020
(7 min read) Hint: It has everything to do with effective mobile learning. The past decade’s explosion of smartphone and tablet usage has magnified the importance of well-designed mobile responsive content as a vital part of any training program. Recent studies echo clear mobile learning preference statistics, including how: 70% of learners feel more motivated when training...
Mobile Security
Security Awareness Training
Don’t Be Fooled By A Spoofing Attack
Blog

Don’t Be Fooled By A Spoofing Attack

Tue, 05/26/2020
Know how to identify and prevent a spoofing attack Spoofing attacks are the ultimate form of cybercriminal trickery and deception. Cybercriminals disguise themselves and rely on trust to steal confidential information, install ransomware, and commit other cybercrimes. Spoofing comes down to trust. Cybercriminals hide behind trusted people, domains, URLs, and the technical...
Cyber Threats
Spoofing
Cyber Security Breaches – Reduce The Human Risk Factor
Blog

Cyber Security Breaches – Reduce The Human Risk Factor

Wed, 10/24/2018
You can have the most powerful, cutting-edge security technology in the world, but if a user clicks on the link in a malicious email, lets a stranger tailgate into your building or uses 1234 as their login password, they unwittingly open your organization up to a cyber security breach. The fact is that the human risk factor remains your greatest point of vulnerability when it...
Cyber Threats
Human Risk
Data Breach
Blog

Governance and Information Security

Thu, 02/13/2014
Information security governance is a subset of corporate governance and can complete or encompass the governance of information technologies. It directs or strategically aligns information security activities and ensures that the company’s business objectives are reached. It also guarantees that information security risks are adequately managed and that information resources...
Compliance
Blog

Business Continuity Management Program BCM (part 2)

Tue, 09/17/2013
As a follow up to the Business Continuity Management program article, here is a more detailed description of the development and implementation phase objectives and content of the Business Continuity Plan (BCP) for major incidents. This plan is in fact a set of plans which is comprised of the following main components: Emergency action plan and damage assessment This is a...
Compliance

The ISO/IEC 27002 Standard

Sun, 09/15/2013
The ISO/IEC 27002 standard is part of a family of international standards (ISO 27000) for the management of information security. It includes the best industry practices to protect the availability, integrity and confidentiality of information. A risk assessment is initially necessary to identify priority controls to be implemented within a company in order to improve the...
Compliance