Security Awareness

Security Awareness news, information, and how-to advice

insider threats
managed security service providers

Calendars and keys

Salted Hash Rehashed: The weekly news recap for May 20, 2016

Welcome to this week's edition of Rehashed, your weekly recap of news and other items of note. We're going to start running these on Friday, mostly because it's easier to produce this way. This week, a trusted contact Phished me,...

Apple brings down apps, mainly Chinese ones, with malware

Detecting low and slow insider threats

In my last post I discussed how machine learning could be used to detect phishing-based account compromise attacks using a real-world use case from the recent Verizon Data Breach Digest. This time I’ll examine how to detect insider...

Keeping humanity in the privacy debate

J. Trevor Hughes, president and CEO of the International Association of Privacy Professionals (IAPP), explores the basic understanding of privacy from solitude to intimacy.

security phishing hook

Basic Phishing scam successfully targets PR agency, reporters

On Tuesday evening, Salted Hash received a pitch from a PR agency we've worked with in the past. Such things are normal in the day-to-day life of a journalist. But the problem is, this email wasn't a pitch, it was a Phishing attack...

training run

What's in your test, training, and exercise program?

From tabletop to functional test exercises, is running tests in anything other than an actual network really effective?

0 intro gamify

7 reasons to gamify your cybersecurity strategy

Thanks to gamification, organizations are finding new ways to educate employees on the importance of cybersecurity, through gaming elements like one-on-one competitions, rewards programs and more.

hunting orange

The sport of threat hunting, and who should be in the game

"Hunting is not a sport. In a sport, both sides should know they're in the game." - According to Field and Stream magazine, this is an oft quoted hunting expression. I couldn’t resist the irony of applying this quote to the cyber...

Business strategy wall

Three ways to align security programs to enterprise strategy

Security teams often struggle with how best to articulate security value in business terms, and with aligning security priorities with enterprise strategy. All security programs depend on business owners for success, so it is...

CSO password management survival guide

The CSO password management survival guide

It's time to take the password problem in hand. This free guide from the editors of CSO will help you communicate the challenges and what is at stake and evaluate and choose the right enterprise password management solution for your...

Phishing attack

Phishing scams erode trust and compromise brand

While common and persistent, when potential client receive phishing scams from your organization, they make think twice about engaging in future business transactions

boxer fighter punch

10 companies that can help you fight phishing

According to the most recent Verizon data breach report, a phishing email is often the first phase of an attack

power storm power lines electricity overhead power lines 000000583296

Maintaining a utility's security and reputational risk is vitally important

Building a utility's reputation may take years, but it can be damaged or destroyed very quickly from a security event. Reputational risk is regarded as the greatest threat to a company's market value and standing in the community.

microphone

5 must listen to security podcasts

There are a lot of podcasts out there that you can listen to these days. Now, today I’m writing about 5 must listen security podcasts that you should start adding to your rotation yesterday. So, let’s be fair right out of the...

Man squeezed between file cabinets

In the digital enterprise, everyone is a security newb

The responsibility of securing the extended network falls on more than just the security practitioners.

stethoscope tablet healthcare data

Is your healthcare organization leaking data?

Recent news headlines and research has illustrated that healthcare organizations are either leaking data from various servers and medical devices or they are being hit with ransomware. This article looks at some of the reasons why...

graduation commencement

Top U.S. universities failing at cybersecurity education

Cybercriminals are only getting better at what they do, which means the skills gap is growing between the people who hack and the people who stop them. And universities aren't catching up fast enough: A recent study reveals dismal...

msvusa

Microsoft joins lawsuit in fight for individual privacy

Microsoft is suing the United States for violation of its First Amendment right and your Fourth Amendment rights.

01 intro

Why can’t the public security sector and the government get along?

The divide between government and the security industry presents several challenges when looking to form partnerships with the goal of improving cybersecurity. In order to illustrate what it will take to move forward with these...

Load More