Blog
How to Protect Your Data from the Microsoft Office 365 Phishing Scam
Fri, 07/31/2020
Since December 2019, there has been a coordinated campaign of phishing attempts targeting Office 365 users. Cyber criminals have sent spoofed email, gathering the login credentials and payment details of Microsoft accounts in over 62 countries.
According to one report, despite a 42% reduction in phishing attempts in 2019, scams like this Microsoft Office 365 campaign remain a...
Blog
Don’t Be Fooled By A Spoofing Attack
Tue, 05/26/2020
Know how to identify and prevent a spoofing attack
Spoofing attacks are the ultimate form of cybercriminal trickery and deception. Cybercriminals disguise themselves and rely on trust to steal confidential information, install ransomware, and commit other cybercrimes.
Spoofing comes down to trust. Cybercriminals hide behind trusted people, domains, URLs, and the technical...
On-Demand Webinar
On-Demand Webcast: The Five Stages of Being Phished
Mon, 11/18/2019
When falling for a phishing scam, users usually go through one or more emotional stages including; denial, anger, bargaining, depression and acceptance.
Watch now to learn more about:
The 5 stages and how they affect the impact of a data breach
Using a security awareness program to help users become cyber aware
The role of just-in-time training and phishing simulations in...
Blog
5 Ways to Reduce the Risk of a Social Network Breach
Wed, 05/29/2019
Social networking overlaps corporate and personal lives, and so should the mission to create a culture of security awareness.
It’s true.
There was little – if nothing – any Facebook user could have done to prevent their passwords from getting exposed earlier this spring.
Just look at the facts of the case, said Theo Zafirakos, Chief Information Security Officer and Security...
On-Demand Webinar
Everything You Ever Wanted to Know About the GDPR
DURATION: 45 MINUTES
During this webcast, you will learn more about the GDPR's key concepts and principles, as well as the personal data rights protected under this regulation.
Watch the GDPR webcast and reduce the risk of facing penalties for non-compliance!
Image
During this free webcast, learn more about:
What is the GDPR...
Blog
Recent phishing attacks demonstrate widespread dangers
Tue, 11/24/2015
By this point, the dangers presented by phishing attacks are becoming increasingly well known. Business leaders recognize that information security awareness is critical for organizations of all kinds, and these programs need to focus heavily on phishing if firms want to remain protected in the current cybersecurity landscape.
Phishing attacks have become among the most...
Blog
Employee error leads to Rogers Communications data breach
Tue, 03/24/2015
While certainly not the biggest data breach in recent memory, this Rogers Communications incident demonstrates how a seemingly small employee error can have significant consequences in the realm of cybersecurity.
Data breaches have become major news topics and with good reason. These incidents have major implications not just for the businesses affected but also for their...
Blog
Governance and Information Security
Thu, 02/13/2014
Information security governance is a subset of corporate governance and can complete or encompass the governance of information technologies. It directs or strategically aligns information security activities and ensures that the company’s business objectives are reached. It also guarantees that information security risks are adequately managed and that information resources...
Blog
Business Continuity Management Program BCM (part 2)
Tue, 09/17/2013
As a follow up to the Business Continuity Management program article, here is a more detailed description of the development and implementation phase objectives and content of the Business Continuity Plan (BCP) for major incidents. This plan is in fact a set of plans which is comprised of the following main components:
Emergency action plan and damage assessment
This is a...
The ISO/IEC 27002 Standard
Sun, 09/15/2013
The ISO/IEC 27002 standard is part of a family of international standards (ISO 27000) for the management of information security. It includes the best industry practices to protect the availability, integrity and confidentiality of information. A risk assessment is initially necessary to identify priority controls to be implemented within a company in order to improve the...
Blog
Supplementary guide to achieving PCI-DSS compliance cloud computing
Tue, 05/28/2013
Cloud computing services require special attention in regards to information security and privacy. This is especially important when using credit card data while cloud computing in order to meet PCI-DSS ("Payment Card Industry – Data Security Standard") standards. To this end, the SSC ("Standard Security Council") published a document entitled “Information Supplement: PCI DSS...