A social media post from one of a company's interns was all this people hacker needed to enter a secure area with a counterfeit employee badge.
As security practitioners, we probably have a good grasp of technological controls. But adversarial company culture may be creating stress that keeps people from protecting our data.
Social engineering will always be one of the easiest ways for threat actors to get what they want. So what can enterprises do to decrease the risk?
Many of the city of Baltimore's public services remain offline two weeks after the municipality fell victim to a ransomware attack.
It's important to recognize that a core outcome of security awareness and training efforts needs to be changing behaviors.
Here's what you need to know about organizational security culture — and how to plan for and inspire a better one.
Good communication, clear expectations and enforced boundaries are all key to the success of your security program.
While smartphones and tablets have become more ubiquitous in the workplace, organizations are flat out ignoring mobile security risks.
Do you remember your first mobile phone, and the newfound feelings of connectedness and convenience that came with it? Nowadays, are these devices really phones or are they computers? Labels matter.
Ensuring organizations adapt while also retaining a high level of digital trust is exactly where the chief information security officer (CISO) can help.