Today’s evolving interconnected digital world has created a diverse and intricate threat landscape for organizations. Within this landscape, insider and outsider threats have emerged as significant security risks organizations must address. While the debate regarding the severity of insider versus outsider threats persists, businesses increasingly recognize the potential dangers insiders pose to their data security. Historically, outsiders have been associated with high-profile data breaches attracting media attention. Consequently, organizations have focused on implementing conventional security measures to address outsider threats, given the substantial financial costs of such breaches, often reaching millions of dollars. However, relying solely on standardized security measures…
Dilki Rathnayake
Dilki Rathnayake is a cybersecurity content writer and the Managing Editor at Information Security Buzz, with a BSc in Cybersecurity and Digital Forensics. She is skilled in computer network security and Linux system administration. Dilki has also led awareness programs and volunteered for communities promoting best practices for online safety.
Inspired e-Learning’s new cybersecurity awareness training game, Phishin’ Impossible, takes a novel approach in teaching employees about cyber threats. Players assume the role of a white hat hacker tasked with crafting convincing scam emails to fool unsuspecting staff. Players learn how cybercriminals operate and how to protect themselves by spending time in a hacker’s shoes. After a brief introduction, players are tasked with crafting a phishing email to fool recipients into clicking a malicious link. If they succeed, they’ll be offered the opportunity of a lifetime; a job with the notorious white hat hacking group “Infamous Phun.” Once initiated, players…
Back in March, Microsoft released data suggesting that Russian hacker groups were appearing to be preparing for a renewed wave of cyber-attacks against Ukraine, including a ransomware-style threat to organisations serving Ukraine’s supply lines. At the time, Clint Watts, General Manager of its Digital Threat Analysis Centre said: “In 2023, Russia has stepped up its espionage attacks, targeting organisations in at least 17 European nations, mostly government agencies. Our analysis suggests that Russia will continue to conduct espionage attacks against Ukraine and Ukraine’s partners, and destructive attacks within, and potentially outside, Ukraine.” Our own ESET Threat Report, a quarterly report…
What does a “good” cyber-security programme look like? How can we, in our role as Chief Information Security Officer (CISO), work to improve the effectiveness of the policies and practices implemented in our organisations? Measuring activity does not necessarily have a tangible relationship to robust cyber-security practices, nor does that activity provide any measurable benchmark for executives to understand how you are managing organisational risk – which is ultimately what your job is to do. And the way to be effective is to improve the focus on outcomes which reduce organisational risk. The only Key Performance Indicator (KPI) that matters…