The results of Fortra’s Gone Phishing Tournament are here, and they highlight the potential power and danger of phishing across the world. This global test uncovered that 1 in 10 individuals are susceptible to these attacks, which would have led to 90,000 compromised passwords if the campaign had been an actual cyber attack. This year’s tournament featured an updated email and landing page to...

With Valentine’s Day upon us, our thoughts turn to love, compatibility, and cyber security. As Cupid strings his bow this Valentine’s Day, let’s explore how the stars might be influencing your approach to online security. Are you a Leo who roars against cyber threats, or a Pisces swimming through the sea of digital privacy? Remember, while the universe might hold many mysteries, your cyber...

While industries like banking and software can be devastated by cyber attacks, no other field is impacted by hackers like healthcare. As an example, it’s hard to forget attacks like the ransomware that brought all 400 locations of Universal Health Services to a standstill for months in the United States. Healthcare facilities often can’t operate if they don’t have access to crucial information...

Online privacy and data protection have become pressing issues in recent years that many governments have decided to legislate. The Legault CAQ government has been behind many digital-related innovations, so it’s not surprising to see legislation like this. This law is a legislative update since existing laws inadequately address digital data. It should be noted that Law 25 has teeth and isn’t...

As careers, banking, and healthcare move online, the need for more secure authentication has become increasingly urgent. While passwords have been adopted as the most common form of authentication, they pose many problems in terms of cyber security. In recent years, especially since the rise of remote work in 2019, the adoption of multi-factor authentication (MFA) has steadily risen to over 60% of...

The rise of generative AI like ChatGPT and Midjourney has been one of this decade’s most revolutionary technological advancements. This technology has allowed businesses to scale their operations more efficiently and enabled entirely new functionalities within existing tools. While generative AI has had a largely positive impact on the world, its negative aspects cannot be ignored. From text to...

Voice-based cyber attacks have existed for a long time and have wreaked havoc worldwide. They are a low-effort, high-reward attack that can be scaled to extreme heights with very little effort apart from finding phone number lists to call. This is part of the reason why vishing attacks have seen a 54% increase in 2022. A potentially even more aggravating factor is the recent drastic improvements...

AI has been making waves in virtually every industry, and cyber security is no exception. Several companies are adopting the technology into different business functions, such as logistics and IT. But as AI quickly leaks into the business landscape, it’s also been the subject of criticism. Recently, news reports have revealed that ¾ of global businesses are considering or have already implemented...

AI is changing how people live and work. Thanks to intuitive machine learning systems, the ability to predict, personalize, and customize has reached new levels. These capabilities of prediction, personalization, and customization make AI the perfect match for cyber security awareness training . AI cyber security training lets you meet individual employee learning needs directly. Some employees...

Conversational AI has lately been the talk of the town for most knowledge workers worldwide. While this technology has existed for a few years, OpenAI’s ChatGPT released this year is leaps and bounds ahead of anything seen before. This trailblazing web app has been used for anything from writing wedding speeches to helping people do their jobs more efficiently. One thing is certain—a shocking...

Telecommunications companies (telecoms) have been prime targets for cyber attackers. They operate critical infrastructure passage, and vast amounts of customer data pass through their networks. The United States Federal Communications Commission (FCC) is aiming to strengthen data security with new regulations around data breach reporting by communications carriers. The agency has long required...

While there’s no denying that AI has its advantages, it also comes with its fair share of drawbacks. One of which is its role in making social engineering easier to pull off. Cyber criminals are beginning to utilize AI software to generate the voice of chief executive officers and fool employees into revealing sensitive information or initiating monetary transfers. An astounding 82% of cyber...

New regulations are already keeping IT professionals on their toes in 2023. One monumental change for California residents and businesses is the California Privacy Rights Act (CPRA). The legislation came into force on January 1, 2023. Legislators drafted the new rules to empower consumers and close gaps in the California Consumer Privacy Act (CCPA). The CPRA gives customers more control over their...

In the age of robots and artificial intelligence comes another player in the AI market: ChatGPT (Generative Pre-trained Transformer). Since its release, cyber security professionals have unlocked various opportunities with its features. Namely, it can answer prompts, write codes on demand, detect phishing emails , and crack passwords . In a nutshell, ChatGPT can be an invaluable tool for security...

Information security governance is a subset of corporate governance and can complete or encompass the governance of information technologies. It directs or strategically aligns information security activities and ensures that the company’s business objectives are reached. It also guarantees that information security risks are adequately managed and that information resources are used responsibly...

As a follow up to the Business Continuity Management program article , here is a more detailed description of the development and implementation phase objectives and content of the Business Continuity Plan (BCP) for major incidents. This plan is in fact a set of plans which is comprised of the following main components: Emergency action plan and damage assessment This is a response plan to deal...

The ISO/IEC 27002 standard is part of a family of international standards (ISO 27000) for the management of information security. It includes the best industry practices to protect the availability, integrity and confidentiality of information. A risk assessment is initially necessary to identify priority controls to be implemented within a company in order to improve the information’s security...

Cloud computing services require special attention in regards to information security and privacy. This is especially important when using credit card data while cloud computing in order to meet PCI-DSS ("Payment Card Industry – Data Security Standard") standards. To this end, the SSC ("Standard Security Council") published a document entitled “Information Supplement: PCI DSS Cloud Computing...