blog-logo.png

A BLOG ABOUT CYBER SECURITY

Wombat Security is a leader in security awareness and training. Our blog covers the latest cyber security news, insights, and best practices. We arm infosec professionals with the knowledge and tools they need to improve end-user behaviors and reduce organizational risk.

Five Cybersecurity Predictions for 2018

Written by Aaron Jentzen

As we look ahead to 2018, some are predicting new and novel cyberthreats, such as ransomware attacking people through Internet of Things- (IoT-) enabled home appliances. While such dystopian visions may indeed come to pass, what’s clear to us is that end-user risk will continue to play a critical role in an organization’s cybersecurity.

Read More

Blog Topics

Five Cybersecurity Predictions for 2018

As we look ahead to 2018, some are predicting new and novel cyberthreats, such as ransomware attacking people through Internet of Things- (IoT-) enabled home appliances. While such dystopian visions may indeed come to pass, what’s clear to us is that end-user risk will continue to play a critical role in an organization’s cybersecurity.

Read More

All-In on Technology? Expect Users to Fold When the Chips Are Down.

Despite the fact that many security experts have been encouraging — even imploring — organizations to think differently about their end users and focus on building a culture of security from the top down, infosec professionals still yearn for a technical solution to employee-driven cybersecurity woes, phishing in particular. This is, frankly, totally understandable. As humans, we all long for “magic bullet” solutions to pressing and wide-ranging problems, and often hope that the path of least resistance will take us to our desired destination.

Certainly, end-user security awareness training is not a path of least resistance. But it is a path worth walking, on a number of levels. Here’s just one reason why:

You say: “Forget security awareness training. It doesn’t work, and I’d rather put my time and money into technology-based defense-in-depth strategies.”

Your end users hear: “I can do whatever I want because IT will fix it.”

Read More

Security Awareness Training: ‘Petrified Users’ Shouldn’t Be Your Goal

Given what we do, it’s should come as no surprise that we like to keep our finger on the pulse of the security awareness training market. (You aren’t recognized as a Leader by Gartner for four years running by operating with blinders on, after all.)

We are particularly interested to know how end users are responding to training efforts in different organizations and different industries. Since we believe that users are key to cybersecurity postures — those who maketh the mistakes can also take them away, right? — it stands to reason that we also believe that organizations should consider how their end users might feel about (and react to) cybersecurity education efforts.

Read More

Five Cybersecurity Predictions for 2018

As we look ahead to 2018, some are predicting new and novel cyberthreats, such as ransomware attacking people through Internet of Things- (IoT-) enabled home appliances. While such dystopian visions may indeed come to pass, what’s clear to us is that end-user risk will continue to play a critical role in an organization’s cybersecurity.

Read More

UK Security Spotlight: Are Cybercriminals Targeting Contactless Cards?

According to Visa Europe, the contactless card revolution that began 10 years ago has firmly taken hold in Europe. UK consumers in particular have taken to contactless transactions — more commonly referred to as “tap and pay” or “pay and go” in the US — with the UK taking the market lead in these types of payments, ahead of Poland, France, Spain, and Finland. Across the UK, 66% of consumers have made a purchase with a contactless card since the technology was made available in 2007, with Londoners leading the charge; Visa indicated that 78% of London residents have used a contactless credit or debit card (12% higher than the national average) and that 16% of all bank-owned tap-and-pay terminals are located in London.

Investopedia and other outlets bill contactless transactions as “a secure method for consumers to purchase products or services”...but how secure is the payment method in actuality? Consumer watchdog Which? is one organization that has some doubts. They said their testing of 12 leading credit and debit cards “revealed significant security flaws” and that 69% of individuals they surveyed are “concerned about their contactless card being stolen and used to make purchases.”

Read More

Scary Data Breach Statistics of 2017

On October 25, the Identity Theft Resource Center (ITRC) published its latest compilation of confirmed data breach notifications affecting US organizations and customers so far this year.* The headline numbers — 1,120 total breaches and more than 171 million records exposed — are frightening in their own right, especially considering that in all of 2016, the ITRC reported 1,039 total breaches and just over 36.6 million records exposed. But what really stood out to us in this latest look at the report wasn’t the numbers that are known, but the numbers that remain unknown.

Read More

All-In on Technology? Expect Users to Fold When the Chips Are Down.

Despite the fact that many security experts have been encouraging — even imploring — organizations to think differently about their end users and focus on building a culture of security from the top down, infosec professionals still yearn for a technical solution to employee-driven cybersecurity woes, phishing in particular. This is, frankly, totally understandable. As humans, we all long for “magic bullet” solutions to pressing and wide-ranging problems, and often hope that the path of least resistance will take us to our desired destination.

Certainly, end-user security awareness training is not a path of least resistance. But it is a path worth walking, on a number of levels. Here’s just one reason why:

You say: “Forget security awareness training. It doesn’t work, and I’d rather put my time and money into technology-based defense-in-depth strategies.”

Your end users hear: “I can do whatever I want because IT will fix it.”

Read More

Security Awareness Training: ‘Petrified Users’ Shouldn’t Be Your Goal

Given what we do, it’s should come as no surprise that we like to keep our finger on the pulse of the security awareness training market. (You aren’t recognized as a Leader by Gartner for four years running by operating with blinders on, after all.)

We are particularly interested to know how end users are responding to training efforts in different organizations and different industries. Since we believe that users are key to cybersecurity postures — those who maketh the mistakes can also take them away, right? — it stands to reason that we also believe that organizations should consider how their end users might feel about (and react to) cybersecurity education efforts.

Read More

Holiday Shopping Tips: Stay Alert to These Types of Scams

Holiday shopping mania seems to be in full swing already this year, with Black Friday and Cyber Monday previews and preseason deals popping up in inboxes and social feeds everywhere. And it’s not just happening in the US, despite the fact that these shopping specials are triggered by the Thanksgiving holiday. In the UK, retailers are already offering heavy discounts — some as high as 25% to 30% — which normally doesn’t happen until Black Friday and beyond. Though the offers in the UK are likely in response to rising inflation, a dip in annual sales figures, and a hike in interest rates, the aggressive sales by legitimate retailers on both sides of the pond present a golden opportunity for cybercriminals — an environment in which online shoppers are seeking (and expecting) better-than-average deals.

Read More

Five Cybersecurity Predictions for 2018

As we look ahead to 2018, some are predicting new and novel cyberthreats, such as ransomware attacking people through Internet of Things- (IoT-) enabled home appliances. While such dystopian visions may indeed come to pass, what’s clear to us is that end-user risk will continue to play a critical role in an organization’s cybersecurity.

Read More

Wombat Security Awards 2017: The Year in Review

As the end of 2017 approaches, we’re celebrating another exciting year at Wombat Security by looking back on the milestones we’ve achieved and the recognition we’ve received from organizations in the infosec space — including a fourth consecutive year in the Leader quadrant of the Gartner MQ and our “three-peat” ranking in the top 150 of the Deloitte Technology Fast 500™.

Read More

Wombat Security Named a Leader for Fourth Consecutive Year

For the fourth year in a row, IT research and advisory firm Gartner, Inc. has recognized Wombat Security as a Leader in the Magic Quadrant for Security Awareness Computer-Based Training (CBT).* Our strong position this year reflects our Ability to Execute and Completeness of Vision — the latter of which Wombat was ranked highest.

Read More
icon-book.png

Try Our Interactive Security Awareness Training Modules

Our 25+ interactive training modules in topics like Email Security, URL Training, Mobile App Security, and more are proven to change the behavior of end users and reduce risk.

Try Our Modules

   Educate Yourself: Protect Against Security Vulnerabilities