Resources

Why Gamify Security Awareness Training?
Blog

Why Gamify Security Awareness Training?

Fri, 08/30/2019
Leveraging a spirit of competition to drive engagement and create a security culture Gamification is a popular concept these days, and for good reason. With gamification, you can develop a game for learning more about a serious topic while also getting the learner to approach winning that game with the same fervor they would when playing for entertainment. So what happens when...
Security Awareness Training
Cyber Games
5 Ways to Reduce the Risk of a Social Network Breach
Blog

5 Ways to Reduce the Risk of a Social Network Breach

Wed, 05/29/2019
Social networking overlaps corporate and personal lives, and so should the mission to create a culture of security awareness. It’s true. There was little – if nothing – any Facebook user could have done to prevent their passwords from getting exposed earlier this spring. Just look at the facts of the case, said Theo Zafirakos, Chief Information Security Officer and Security...
Cyber Threats
Phishing
Social Media Scams
Data Breach
On-Demand Webinar

Everything You Ever Wanted to Know About the GDPR

DURATION: 45 MINUTES During this webcast, you will learn more about the GDPR's key concepts and principles, as well as the personal data rights protected under this regulation.   Watch the GDPR webcast and reduce the risk of facing penalties for non-compliance!   Image During this free webcast, learn more about: What is the GDPR...
Compliance
Blog

Recent phishing attacks demonstrate widespread dangers

Tue, 11/24/2015
By this point, the dangers presented by phishing attacks are becoming increasingly well known. Business leaders recognize that information security awareness is critical for organizations of all kinds, and these programs need to focus heavily on phishing if firms want to remain protected in the current cybersecurity landscape. Phishing attacks have become among the most...
Cyber Threats
Phishing
Blog

Employee error leads to Rogers Communications data breach

Tue, 03/24/2015
While certainly not the biggest data breach in recent memory, this Rogers Communications incident demonstrates how a seemingly small employee error can have significant consequences in the realm of cybersecurity. Data breaches have become major news topics and with good reason. These incidents have major implications not just for the businesses affected but also for their...
Cyber Threats
Phishing
Data Breach
Security Awareness Training
Blog

Consumerization of IT Through BYOD: Is Your Company Ready?

Mon, 03/03/2014
The consumerization of IT is when employees use their own personal mobile devices, such as laptop computers, tablets, smart phones, etc. at work, referred to as BYOD (bring your own device). This use is becoming increasingly common and exposes companies to a variety of risks, including the protection of personal information. Canadian businesses appear to be leading the world...
Bring Your Own Device (BYOD)
Data Privacy
Blog

Governance and Information Security

Thu, 02/13/2014
Information security governance is a subset of corporate governance and can complete or encompass the governance of information technologies. It directs or strategically aligns information security activities and ensures that the company’s business objectives are reached. It also guarantees that information security risks are adequately managed and that information resources...
Compliance
Blog

Business Continuity Management Program BCM (part 2)

Tue, 09/17/2013
As a follow up to the Business Continuity Management program article, here is a more detailed description of the development and implementation phase objectives and content of the Business Continuity Plan (BCP) for major incidents. This plan is in fact a set of plans which is comprised of the following main components: Emergency action plan and damage assessment This is a...
Compliance

The ISO/IEC 27002 Standard

Sun, 09/15/2013
The ISO/IEC 27002 standard is part of a family of international standards (ISO 27000) for the management of information security. It includes the best industry practices to protect the availability, integrity and confidentiality of information. A risk assessment is initially necessary to identify priority controls to be implemented within a company in order to improve the...
Compliance
Blog

Supplementary guide to achieving PCI-DSS compliance cloud computing

Tue, 05/28/2013
Cloud computing services require special attention in regards to information security and privacy. This is especially important when using credit card data while cloud computing in order to meet PCI-DSS ("Payment Card Industry – Data Security Standard") standards. To this end, the SSC ("Standard Security Council") published a document entitled “Information Supplement: PCI DSS...
Cloud Security
Compliance
Blog

Secure information destruction

Tue, 04/09/2013
What is the value of the information stored on your computer equipment or paper documents? What would the impacts be if your personal or confidential information fell into the wrong hands (e.g. financial loss, loss of image / reputation, regulatory or legal non-compliance)? Can you be certain that a proper destruction method was used on the information (whether in digital or...
Data Privacy
Data Security
Security Awareness Training