
A BLOG ABOUT CYBER SECURITY

Wombat Security is a leader in security awareness and training. Our blog covers the latest cyber security news, insights, and best practices. We arm infosec professionals with the knowledge and tools they need to improve end-user behaviors and reduce organizational risk.

Compliance Training

GDPR, PSD2, and NIS: The Role of Security Awareness Training

Posted by Gretel Egan on Oct 4, 2017 1:03:26 PM

There has been a lot of talk about pending GDPR requirements and the penalties associated with non-compliance, but GDPR is not the only EU cybersecurity legislation that will be affecting organizations in the near future. Alan Levine, a former Fortune 500 CISO and current Security Advisor to Wombat, spoke to Wombat Wisdom Conference attendees last month about the GDPR and two other regulations — PSD2 and the NIS Directive — and discussed the role he believes employee security awareness training will play with regard to organizational compliance with these laws.

Below, we offer quick overviews of the GDPR, PSD2, and the NIS Directive; Levine’s take on these pieces of legislation; and links to additional resources.


Scrap Learning: Why All Security Awareness Training is Not Equally Effective

Posted by Kym Harper on Aug 16, 2017 9:54:47 AM

While end-user training for secure behaviors has experienced an uptick in interest and legitimacy versus technical-only solutions among CISOs in recent years, not all security awareness training is created equal.


GDPR Compliance Is 1 Year Away. Our Security Awareness Training Can Help You Prepare.

Posted by Gretel Egan on May 25, 2017 12:04:19 PM

On May 23, we announced the availability of a new security awareness training module that will help global organizations prepare their end users for compliance with a looming standard: the General Data Protection Regulation (GDPR).


How Do Your Employees Feel About Security Awareness Training?

Posted by Gretel Egan on Aug 10, 2016 2:46:00 PM

As more and more industries add security awareness and training to their list of compliance-related initiatives, more and more infosec teams (as well as corporate education groups and governance, risk management, and compliance [GRC] officers) will find themselves tasked with delivering cybersecurity education to their employees. In fact, given today’s climate, it’s likely — mandated or not — that you have already implemented some type of program.

Whether it’s on the horizon or front and center, ask yourself this: How do your end users feel about security awareness and training?


Compliance-Driven Training: How You Check the Box Matters

Posted by Gretel Egan on Nov 16, 2015 9:15:52 AM

Whether you’re for it or against it, a believer or a scoffer, compliance-driven security awareness training initiatives are a reality that must be reckoned with. Not only are they not going anywhere, they are actually likely to multiply given the emergence of additional cyber security–based regulations and some U.S. legislators eyeing global cyber laws.
