Build your team of Cyber Heroes Imagine your organization is being hit with a phishing attack, one of the most common cyber security threats users face today. In an organization with weak cyber security culture, users might see the phishing attempt, quickly disregard it and move on about their day feeling like it’s not their problem. “They click on a link and then feel like it’s someone else’s...

Social networking overlaps corporate and personal lives, and so should the mission to create a culture of security awareness. It’s true. There was little – if nothing – any Facebook user could have done to prevent their passwords from getting exposed earlier this spring. Just look at the facts of the case, said Theo Zafirakos, Chief Information Security Officer and Security Awareness Coach at...

Gartner has named Terranova a Leader in the Magic Quadrant for Security Awareness computer-based training! We are very pleased to see that Gartner has recognized us based on what we feel is the significant work that we have done to execute on our vision and demonstrate leadership in the market. The Security Awareness Training market is characterized by a relatively low barrier to entry. While it...

You can have the most powerful, cutting-edge security technology in the world, but if a user clicks on the link in a malicious email, lets a stranger tailgate into your building or uses 1234 as their login password, they unwittingly open your organization up to a cyber security breach. The fact is that the human risk factor remains your greatest point of vulnerability when it comes to cyber...

We know that the human factor and employee engagement are critical when talking about raising cyber security awareness . You’ve invested a lot in technologies or highly sophisticated processes, but your employees will still be the last line of defense in thwarting a cyberattack. On the other hand, they’re the ones who are hardest to mobilize! In 2017, a major study was conducted among...

Make Your Passwords Secure Again! In connection with the most recent security breaches, let's take a few minutes to highlight the importance of talking with your employees about password safety. Cyber criminals strive to infiltrate our networks and weak passwords are a way in. Empowering your employees with cyber security awareness training is an excellent way to teach best practices for password...

Security Awareness Professionals! This Is Day 3 of Gartner Security and Risk Management Summit 2018. Join Terranova at booth 119! We have been exchanging numerous ideas with participants about raising security awareness effectively and user training initiatives. Consequently, we are focusing our discussion on security awareness. We ask the following question: “How do you measure employees’...

Without awareness, there is no security. Truly an inseparable pair! This is Day 4 of RSA Conference 2018 , and the Terranova team has been engaging in some interesting conversations. You have expressed views and concerns regarding Information Security Awareness (ISA). And we are taking notes! The article that follows discusses the first phases of implementation of a security awareness program...

The secret for continuous growth is to strive for success through effective learning opportunities and employee engagement. Organizing educational content for your business has its challenges, especially when priorities are not arranged efficiently. From compliance to learner validation and user experience, any number of factors can make or break your business’ learning efforts. When aiming for...

Gartner has recognized Terranova WW Corporation among the leaders in its 2016 Magic Quadrant for Security Awareness Computer-Based Training. “We are proud to have been recognized by Gartner again this year,” said Terranova President Lise Lapointe. “We believe this position solidifies our status as a world leading provider in information security awareness solutions.” Widely regarded as THE global...

By this point, the dangers presented by phishing attacks are becoming increasingly well known. Business leaders recognize that information security awareness is critical for organizations of all kinds, and these programs need to focus heavily on phishing if firms want to remain protected in the current cybersecurity landscape. Phishing attacks have become among the most dangerous forms of...

While certainly not the biggest data breach in recent memory, this Rogers Communications incident demonstrates how a seemingly small employee error can have significant consequences in the realm of cybersecurity. Data breaches have become major news topics and with good reason. These incidents have major implications not just for the businesses affected but also for their employees, their...

Latin American companies need to increase their investment in cybersecurity, including security awareness training for employees. Data breaches and cybercrime used to be seen as shocking, alarming and difficult to fathom. Today, they seem almost run of the mill. The world and many of its criminals have gone digital, and yet countless organizations have yet to embrace new strategies that can...

New data breach notification proposals from President Obama and other political leaders will only exacerbate the impact of these incidents. The stakes surrounding cybersecurity aren’t just increasing – they are expanding. For years now, business leaders have understood that data breaches are a serious issue, one which firms must do everything in their power to avoid. After all, these incidents can...

The consumerization of IT is when employees use their own personal mobile devices, such as laptop computers, tablets, smart phones, etc. at work, referred to as BYOD (bring your own device). This use is becoming increasingly common and exposes companies to a variety of risks, including the protection of personal information. Canadian businesses appear to be leading the world in IT consumerization...

Information security governance is a subset of corporate governance and can complete or encompass the governance of information technologies. It directs or strategically aligns information security activities and ensures that the company’s business objectives are reached. It also guarantees that information security risks are adequately managed and that information resources are used responsibly...

As a follow up to the Business Continuity Management program article , here is a more detailed description of the development and implementation phase objectives and content of the Business Continuity Plan (BCP) for major incidents. This plan is in fact a set of plans which is comprised of the following main components: Emergency action plan and damage assessment This is a response plan to deal...

The ISO/IEC 27002 standard is part of a family of international standards (ISO 27000) for the management of information security. It includes the best industry practices to protect the availability, integrity and confidentiality of information. A risk assessment is initially necessary to identify priority controls to be implemented within a company in order to improve the information’s security...

Identity theft is not a new phenomenon, but has evolved with the advent of information technology. Nowadays, access to a large amount of information available on the Internet, the exploitation of IT or the use of various scams allow fraudsters to obtain private or confidential information about their victims in order to steal their identity and then commit malfeasance. Information sought for...

In April 2013, the Canadian government announced its action plan for cybersecurity and highlighted the successes realized within the framework of its cybersecurity strategy to enhance cyberspace security for Canadians. One such measure involves the Canadian Cyber Incident Response Center (CCIRC), which supports Public Safety Canada, acting as the national coordinating center for cybersecurity...