Resources

what_is_baiting
Blog

What is Baiting in Cyber Security?

Mon, 03/04/2024
Image Cyber criminals are constantly evolving their methods, but their biggest leverage for growth will always be exploiting the human factor. Software and physical measures against cyber attacks have become so advanced that tricking workers is the only remaining attack vector criminals can reliably use. According to Verizon’s 2023...
Security Awareness Training
Phishing Simulation
GPT-Summary-2023-EN
Blog

The 2023 Gone Phishing Tournament Results: Everything You Need to Know

Tue, 02/20/2024
The results of Fortra’s Gone Phishing Tournament are here, and they highlight the potential power and danger of phishing across the world. This global test uncovered that 1 in 10 individuals are susceptible to these attacks, which would have led to 90,000 compromised passwords if the campaign had been an actual cyber attack. This year’s tournament featured an updated email...
Compliance
Security Awareness Training
cyber security swipe right blog image
Blog

Swipe Right on Cyber Security: Let’s Talk About Zodiac Signs

Mon, 02/12/2024
With Valentine’s Day upon us, our thoughts turn to love, compatibility, and cyber security. As Cupid strings his bow this Valentine’s Day, let’s explore how the stars might be influencing your approach to online security. Are you a Leo who roars against cyber threats, or a Pisces swimming through the sea of digital privacy? Remember, while the universe might hold many...
Compliance
Data Privacy
Security Awareness Training
quishing EN
Blog

What is Quishing?

Fri, 02/09/2024
QR codes have come a long way since being invented in 1994 by a subsidiary of Toyota. Initially introduced to address some limitations of barcodes during the car manufacturing process, QR codes have since become staples in people’s day-to-day lives. The introduction of high-powered cameras to most modern smartphones is what allowed these codes to gain new uses. QR codes,...
Cyber Threats
Phishing
Mobile Security
Security Awareness Training
Phishing Simulation
Most-Dangerous-Healthcare-Cyber-Attacks-EN
Blog

The 7 Most Dangerous Healthcare Cyber Attacks

Fri, 02/02/2024
While industries like banking and software can be devastated by cyber attacks, no other field is impacted by hackers like healthcare. As an example, it’s hard to forget attacks like the ransomware that brought all 400 locations of Universal Health Services to a standstill for months in the United States. Healthcare facilities often can’t operate if they don’t have access to...
Compliance
Security Awareness Training
Law 25: Everything You Need To Know to Ensure Compliance
Blog

Law 25: Everything You Need To Know to Ensure Compliance

Fri, 01/26/2024
Online privacy and data protection have become pressing issues in recent years that many governments have decided to legislate. The Legault CAQ government has been behind many digital-related innovations, so it’s not surprising to see legislation like this. This law is a legislative update since existing laws inadequately address digital data. It should be noted that Law 25...
Compliance
Supply Chain Attacks EN
Blog

The 5 Most Common Supply Chain Attacks

Thu, 01/25/2024
Say, have you heard anything about supply chains lately? Of course, you have. This phrase has entered the zeitgeist with more gusto than Taylor Swift oozing rizz in a Chiefs jersey. When we talk about the price of things, be they groceries or concert tickets, the conversation inevitably turns to someone remarking on “the supply chain,” and the rest of us nod knowingly. Which...
Risk Management
Supply Chain Risk Management
Security Awareness Training
Blog

The Evolution and Limitations of Multi-Factor Authentication

Mon, 01/22/2024
As careers, banking, and healthcare move online, the need for more secure authentication has become increasingly urgent. While passwords have been adopted as the most common form of authentication, they pose many problems in terms of cyber security. In recent years, especially since the rise of remote work in 2019, the adoption of multi-factor authentication (MFA) has steadily...
Compliance
Data Privacy
Security Awareness Training
How to Avoid Phishing Simulations False Positives?
Blog

How to Avoid Phishing Simulations False Positives?

Fri, 11/03/2023
This year is seeing more phishing attacks in more places, having more detrimental impacts. One security messaging provider noted a 61% increase in phishing attacks between April and October 2022 compared to the same period the previous year. Another report observed that when phishing attacks were successful in 2022, financial losses from those incidents increased by 76%. In...
Cyber Threats
Phishing
Security Awareness Training
Phishing Simulation
How to Develop Security Awareness Training
Blog

How to Develop Security Awareness Training

Mon, 10/09/2023
According to Valimail’s Spring 2019 Email Fraud Landscape, about 3.4 billion phishing emails are sent each day, making it one of the most common types of cyber attacks. This number shows how crucial it is to train your employees so they can recognize and report malicious emails. That’s where cyber security awareness training comes in. With the right training program, you can...
Phishing
Risk Management
Third-Party Risk Management
Security Awareness Training
The Chain Reaction: Why Cyber Security in Supply Chain Networks is Critical
Blog

The Chain Reaction: Why Cyber Security in Supply Chain Networks is Critical

Fri, 09/15/2023
Imagine countless organizations working together like a well-oiled machine to create and deliver the products and services we rely on. That’s what supply chain networks are. Like a machine, each connection is vital to make the whole thing work. It’s a delicate dance of supply and demand, where each organization plays its part in keeping the network alive and thriving. And...
Risk Management
Supply Chain Risk Management
Risky Business: When Third-Party Troubles Become Your Own
Blog

Risky Business: When Third-Party Troubles Become Your Own

Tue, 09/05/2023
Businesses don’t stand and operate alone. Organizations partner with an average of 10 third-party vendors to manage their operations. Especially when talking about large corporations—they collaborate with various other organizations or firms helping them manage and advance their operations. These firms include suppliers, manufacturers, service providers, software vendors,...
Risk Management
Third-Party Risk Management
Updated FCC Legislation Could Mean New Data Privacy Requirements for Telecoms
Blog

Updated FCC Legislation Could Mean New Data Privacy Requirements for Telecoms

Mon, 08/14/2023
Telecommunications companies (telecoms) have been prime targets for cyber attackers. They operate critical infrastructure passage, and vast amounts of customer data pass through their networks. The United States Federal Communications Commission (FCC) is aiming to strengthen data security with new regulations around data breach reporting by communications carriers. The agency...
Compliance
How to Enhance Third Party Risk Management with Cyber Security Training
Blog

How to Enhance Third Party Risk Management with Cyber Security Training

Mon, 06/12/2023
Did you know that on average, every company is connected to ten third-party businesses? There’s the payroll services company that remotely manages employee wages. The Software-as-a-Service (SaaS) cloud storage provider that backs up customer account data. The security company that provides access control to company buildings and systems. To achieve an efficient supply chain,...
Risk Management
Third-Party Risk Management
Why Your Third-Party Vendors Have Almost Definitely Been Breached and What to Do About It
Blog

Why Your Third-Party Vendors Have Almost Definitely Been Breached and What to Do About It

Mon, 04/17/2023
The news from Human Resources is that employees are happier than ever. Working from home using third-party vendor services makes work easier and more flexible. The news from IT is less enthusiastic. A recent report showed that a whopping 98% of organizations have at least one third-party provider that has suffered a data breach in the last two years. Third-party vendor...
Risk Management
Third-Party Risk Management
The California Privacy Rights Act (CPRA) and How it Affects Your Business
Blog

The California Privacy Rights Act (CPRA) and How it Affects Your Business

Thu, 03/23/2023
New regulations are already keeping IT professionals on their toes in 2023. One monumental change for California residents and businesses is the California Privacy Rights Act (CPRA). The legislation came into force on January 1, 2023. Legislators drafted the new rules to empower consumers and close gaps in the California Consumer Privacy Act (CCPA). The CPRA gives customers...
Compliance
Data Privacy
How to Build a Successful Phishing Simulation Campaign
Blog

How to Build a Successful Phishing Simulation Campaign

Thu, 02/24/2022
Phishing threats are everywhere, and if your employees don’t know how to spot them, you’re putting your information at risk. Knowing how to build a successful phishing simulation is vital for identifying how well employees can spot the latest threats and ensuring they know how to spot them independently. Unfortunately, many organizations fail to offer adequate security...
Security Awareness Training
Phishing Simulation
How to Successfully Manage Repeat Clickers
Blog

How to Successfully Manage Repeat Clickers

Fri, 06/12/2020
(7 min read) Using online security awareness training to lower your click rate Recognizing a potential phishing email is the first step in avoiding falling victim to a cyber attack. The next and most important step is knowing what to do with this email. Ideally, you want your employees to report the phishing email to you and then delete the message. However, curiosity is...
Security Awareness Training
Phishing Simulation
Blog

Governance and Information Security

Thu, 02/13/2014
Information security governance is a subset of corporate governance and can complete or encompass the governance of information technologies. It directs or strategically aligns information security activities and ensures that the company’s business objectives are reached. It also guarantees that information security risks are adequately managed and that information resources...
Compliance
Blog

Business Continuity Management Program BCM (part 2)

Tue, 09/17/2013
As a follow up to the Business Continuity Management program article, here is a more detailed description of the development and implementation phase objectives and content of the Business Continuity Plan (BCP) for major incidents. This plan is in fact a set of plans which is comprised of the following main components: Emergency action plan and damage assessment This is a...
Compliance