Tag: awareness
-
Bringing the Human Back into Cybersecurity: What Values-Based Education Teaches Us About Digital Mindfulness
Recently, I had the pleasure of speaking with Inda Sahota, the dynamic and deeply empathetic force behind cybersecurity awareness at Fresenius Group. What struck me most wasn’t just her deep understanding of human-centric security, it was how naturally she bridges the gap between personal values and professional practice. Inda brings her whole self into her…
-
Distraction is the New Zero-Day: The Human Risk We Keep Ignoring
A few days ago, my friend Javvad Malik”, a sharp voice in our industry and someone I trust”, shared something that made me stop and think. Javvad, KnowBe4’s security awareness advocate, summed up the state of things beautifully: “Cyber risk is not just about advanced technology; it is about human bandwidth and the cognitive load…
-
Distraction is the New Zero-Day: The Human Risk We Keep Ignoring
A few days ago, my friend Javvad Malik”, a sharp voice in our industry and someone I trust”, shared something that made me stop and think. Javvad, KnowBe4’s security awareness advocate, summed up the state of things beautifully: “Cyber risk is not just about advanced technology; it is about human bandwidth and the cognitive load…
-
Cybercrime increasingly moving beyond financial gains
Tags: attack, awareness, business, ciso, computer, corporate, cyber, cyberattack, cybercrime, cybersecurity, defense, disinformation, espionage, finance, government, group, hacker, hacking, incident response, infrastructure, intelligence, iran, malicious, military, network, ransom, ransomware, risk, risk-analysis, russia, strategy, theft, threat, tool, ukraine, vulnerability, wormsrcset=”https://b2b-contenthub.com/wp-content/uploads/2025/08/Patricia-Alonso.png?quality=50&strip=all 892w, b2b-contenthub.com/wp-content/uploads/2025/08/Patricia-Alonso.png?resize=223%2C300&quality=50&strip=all 223w, b2b-contenthub.com/wp-content/uploads/2025/08/Patricia-Alonso.png?resize=768%2C1033&quality=50&strip=all 768w, b2b-contenthub.com/wp-content/uploads/2025/08/Patricia-Alonso.png?resize=761%2C1024&quality=50&strip=all 761w, b2b-contenthub.com/wp-content/uploads/2025/08/Patricia-Alonso.png?resize=518%2C697&quality=50&strip=all 518w, b2b-contenthub.com/wp-content/uploads/2025/08/Patricia-Alonso.png?resize=125%2C168&quality=50&strip=all 125w, b2b-contenthub.com/wp-content/uploads/2025/08/Patricia-Alonso.png?resize=62%2C84&quality=50&strip=all 62w, b2b-contenthub.com/wp-content/uploads/2025/08/Patricia-Alonso.png?resize=357%2C480&quality=50&strip=all 357w, b2b-contenthub.com/wp-content/uploads/2025/08/Patricia-Alonso.png?resize=268%2C360&quality=50&strip=all 268w, b2b-contenthub.com/wp-content/uploads/2025/08/Patricia-Alonso.png?resize=186%2C250&quality=50&strip=all 186w” width=”761″ height=”1024″ sizes=”auto, (max-width: 761px) 100vw, 761px”> Incibe. En la imagen, Patricia Alonso GarcÃa.”We are very redundant when talking about cybercrime, because we always associate it with economic motivations,” says Hervé Lambert, global consumer operations…
-
115.000 Phishing-Emails in einer Woche versendet
Tags: awareness, best-practice, cyber, email, google, infrastructure, mail, phishing, saas, softwareEine neue Art des Phishings breitet sich aus. Sie setzt dabei auf bewährte Marken, unaufgeklärte Mitarbeitende und ungeschützte Kanäle.Laut Google nutzen 40 Millionen Lehrer und Schüler weltweit Google Classroom, um Leistungsnachweise, Schulaufgaben und Lehrmaterial bereitzustellen. Da die Software weit verbreitet ist, wird sie attraktiv für Cyberkriminelle. Eine immer noch aktive, weltweite auftretende Kampagne hat der…
-
Security Awareness Report des SANS Institut – Mit Strategie und KI zu wirksamer Security Awareness
First seen on security-insider.de Jump to article: www.security-insider.de/social-engineering-groesste-cybergefahr-fuer-unternehmen-a-82732e47bc023377fbdaa8c1f2e06cc6/
-
Weak Passwords and Compromised Accounts: Key Findings from the Blue Report 2025
As security professionals, it’s easy to get caught up in a race to counter the latest advanced adversary techniques. Yet the most impactful attacks often aren’t from cutting-edge exploits, but from cracked credentials and compromised accounts. Despite widespread awareness of this threat vector, Picus Security’s Blue Report 2025 shows that organizations continue to struggle with…
-
Why the Email Security Battle Feels Lost (At Least for Now)
Despite better tools and growing awareness, phishing and impersonation attacks remain rampant. First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/08/why-the-email-security-battle-feels-lost-at-least-for-now/
-
SANS Security Awareness Report zeigt, Mensch bleibt wichtigster Angriffsvektor
Der Report basiert auf der bisher größten SANS-Umfrage mit Beiträgen von mehr als 2700 Security-Awareness-Praktikern aus über 70 Ländern. Damit liefert er die umfassendste und aufschlussreichste Analyse seit Bestehen der Studie. First seen on infopoint-security.de Jump to article: www.infopoint-security.de/sans-security-awareness-report-zeigt-mensch-bleibt-wichtigster-angriffsvektor/a41728/
-
MacOS Under Attack: How Organizations Can Counter Rising Threats
Not only are attacks against macOS users ramping up, but threat actors have proved to be advanced with deepfake technology. Security awareness training may be the best defense. First seen on darkreading.com Jump to article: www.darkreading.com/cybersecurity-operations/mac-under-attack-how-organizations-can-counter-rising-threats
-
5 hard truths of a career in cybersecurity, and how to navigate them
Tags: access, ai, application-security, attack, awareness, best-practice, breach, business, cio, ciso, conference, control, cyber, cybersecurity, data-breach, finance, firewall, framework, gartner, identity, ISO-27001, jobs, mitigation, network, regulation, risk, risk-assessment, risk-management, skills, strategy, technology, threat, training, wafCybersecurity teams protect systems but neglect people: After all the effort it takes to break into cybersecurity, professionals often end up on teams that don’t feel welcoming or supportive.Jinan Budge, a research director at Forrester who focuses on enabling CISOs and other technical leaders, believes the way most cybersecurity career paths are structured plays a…
-
Top cybersecurity M&A deals for 2025
Tags: 5G, access, ai, api, apple, application-security, attack, automation, awareness, banking, breach, business, ceo, cisco, cloud, compliance, control, crowdstrike, cyber, cybersecurity, data, ddos, defense, detection, edr, email, endpoint, finance, firewall, gitlab, government, group, ibm, identity, incident response, infrastructure, intelligence, leak, microsoft, mitigation, network, password, programming, risk, risk-management, saas, service, software, sophos, strategy, supply-chain, technology, threat, tool, training, vulnerability, waf, zero-trustPalo Alto Networks to buy CyberArk for $25B as identity security takes center stage July 30, 2025: Palo Alto Networks is making what could be its biggest bet yet by agreeing to buy Israeli identity security company CyberArk for around $25 billion. “We envision Identity Security becoming the next major pillar of our multi-platform strategy, complementing our leadership…
-
OWASP LLM Risk #5: Improper Output Handling FireTail Blog
Tags: ai, application-security, attack, awareness, cyber, detection, email, injection, LLM, mitigation, monitoring, phishing, remote-code-execution, risk, sql, strategy, threat, vulnerabilityAug 04, 2025 – Lina Romero – 2025 is seeing an unprecedented surge of cyber attacks and breaches. AI, in particular, has introduced a whole new set of risks to the landscape and researchers are struggling to keep up. The OWASP Top 10 Risks for LLMs goes into detail about the ten most prevalent risks…
-
Turning Human Vulnerability Into Organizational Strength
Investing in building a human-centric defense involves a combination of adaptive security awareness training, a vigilant and skeptical culture, and the deployment of layered technical controls. First seen on darkreading.com Jump to article: www.darkreading.com/vulnerabilities-threats/human-vulnerability-organizational-strength
-
Summer: Why cybersecurity must be strengthened as vacations abound
Tags: access, ai, attack, authentication, automation, awareness, backup, control, corporate, credentials, cybersecurity, data, detection, email, encryption, exploit, infrastructure, malicious, mfa, monitoring, network, office, password, resilience, risk, theft, threat, tool, training, update, usa, vpn, wifiGuillermo Fernandez, Sales Engineer for Southern Europe at WatchGuard Technologies. WatchGuard Technologies.Another important point is that, during the summer, attackers know that many IT and cybersecurity teams are operating with more limited resources or with staff on vacation. “They take advantage of this to launch phishing campaigns and other targeted attacks, aware that attention and vigilance often…
-
SentinelLabs uncovers China’s hidden cyber-espionage arsenal
CSOonline that the most important pieces of new information gleaned from the findings are that “China’s contracting ecosystem forces many companies and individuals to collaborate on intrusions. This means many China-based Advanced Persistent Threats (APTs) may actually contain many different companies with many different clients.”The nation’s diverse private sector offensive ecosystem, he said, “supports a…
-
How bright are AI agents? Not very, recent reports suggest
CSOs should ‘skip the fluff’: Meghu’s advice to CSOs: Stop reading the marketing and betting too much of your business on AI/LLM technology as it exists today. Start small and always have a human operator to guide it.”If you skip the fluff and get to the practical application, we have a new technology that could…
-
Mind the overconfidence gap: CISOs and staff don’t see eye to eye on security posture
Tags: ai, attack, awareness, business, ciso, compliance, control, cyber, cybersecurity, data, defense, detection, grc, group, hacker, identity, incident response, intelligence, international, least-privilege, metric, network, phishing, ransomware, risk, risk-assessment, risk-management, soc, strategy, technology, threat, tool, training, updateMisplaced priorities: Investments often favor visibility and compliance over “core capabilities like detection engineering, incident response, and threat containment,” according to Santiago Pontiroli, lead security researcher at cybersecurity vendor Acronis TRU.Delayed adaptation: AI-driven threats demand faster, smarter defenses, but key upgrades (such as behavior-based analytics or automation) are often postponed due to underestimated risk, according…
-
Researchers Reveal Technical Details of SonicWall SMA100 Series N-Day Vulnerabilities
Tags: authentication, awareness, cyber, firmware, flaw, network, programming, remote-code-execution, vpn, vulnerabilitySecurity researchers have disclosed technical details of three previously patched vulnerabilities affecting SonicWall’s SMA100 series SSL-VPN appliances, highlighting concerning pre-authentication security flaws that could have enabled remote code execution and cross-site scripting attacks. The vulnerabilities, all confirmed against firmware version 10.2.1.15, underscore persistent challenges in network appliance security despite decades of awareness around common programming…
-
Cyber Circle: Awareness Training neu gedacht
True Crime Cyber Video Prevention Podcast”, wie die beiden Akteure das neue Format mit einem Augenzwinkern benennen, wollen dabei vieles neu und anders machen. Ihr Anspruch ist es, die Zuschauer mit dem Format nicht nur zu informieren, sondern auch zu unterhalten.In der Erstausgabe des Video-Serie steht das Thema Awareness Training im Mittelpunkt. Studiogast Holger Könnecke…
-
Cyber Circle: Awareness Training neu gedacht
True Crime Cyber Video Prevention Podcast”, wie die beiden Akteure das neue Format mit einem Augenzwinkern benennen, wollen dabei vieles neu und anders machen. Ihr Anspruch ist es, die Zuschauer mit dem Format nicht nur zu informieren, sondern auch zu unterhalten.In der Erstausgabe des Video-Serie steht das Thema Awareness Training im Mittelpunkt. Studiogast Holger Könnecke…
-
Warning to feds: US infrastructure is under silent attack
Tags: attack, awareness, breach, business, ceo, cisa, control, cyber, cybersecurity, data, defense, exploit, government, Hardware, infrastructure, intelligence, risk, technology, theft, threat, vulnerabilityIT and OT are fundamentally different: Robert M. Lee, CEO and co-founder of cybersecurity company Dragos, Inc., also spoke at the hearing, pointing out that enterprises and regulators must “recognize and account for” the differences between information technology (IT) and OT systems.”IT and OT systems differ fundamentally in both purpose and operation,” he said. “While…
-
New Report Reveals Just 10% of Employees Drive 73% of Cyber Risk
Tags: access, ai, attack, awareness, ceo, compliance, cyber, cybersecurity, data, finance, government, identity, office, phishing, resilience, risk, risk-management, strategy, technology, threat, trainingHuman risk is concentrated, not widespread: Just 10% of employees are responsible for nearly three-quarters (73%) of all risky behavior.Visibility is alarmingly low: Organizations relying solely on security awareness training (SAT) have visibility into only 12% of risky behavior, compared to 5X that for mature HRM programs.Risk is often misidentified: Contrary to popular belief, remote…
-
How IT leaders infuse cyber hygiene into daily work
For technology chiefs, a “do as I say, not as I do” stance could lead to a security breach. Instead, cyber awareness can be taught by example. First seen on cybersecuritydive.com Jump to article: www.cybersecuritydive.com/news/cybersecurity-practices-IT-executives/753584/
-
Cybersicherheit nur auf dem Papier? Drei von fünf Angestellten erhalten keine regelmäßigen IT-Sicherheitsschulungen
Gerade kritische Sektoren wie Gesundheit und Kommunen haben bei Security Awareness Trainings Nachholbedarf. Mehr als 60 Prozent der deutschen Arbeitnehmenden bekommen keine regelmäßigen Security Awareness Trainings trotz steigender Bedrohungslage durch Cyberangriffe. Die aktuelle Studie »Cybersicherheit in Zahlen« von G DATA CyberDefense, Statista und brand eins zeigt: Besonders kleine Unternehmen und kritische Branchen wie Gesundheit,… First…
-
Loaf and order: Belgian police launch bread-based cybersecurity campaign
The future of cybersecurity awareness might just be”¦ gluten-based. First seen on grahamcluley.com Jump to article: grahamcluley.com/loaf-and-order-belgian-police-launch-bread-based-cybersecurity-campaign/