Wombat Security is a leader in security awareness and training. Our blog covers the latest cyber security news, insights, and best practices. We arm infosec professionals with the knowledge and tools they need to improve end-user behaviors and reduce organizational risk.

Keys to Success

Short on Security Awareness Training Staff? Try Our Managed Services.

Posted by Gretel Egan on Jul 13, 2017 12:42:05 PM

Even with healthy security budgets, infosec teams can find themselves short on resources. Countless studies and articles have noted that good IT talent is hard to find, which means that security teams are still having to do more with less. And even those organizations that are not experiencing a personnel crunch could still be feeling the pinch on the cybersecurity education side. After all, staff members who are highly skilled at managing technical resources often lack the experience and expertise — and interest — needed to develop and execute an effective employee security awareness training program.

If you are lacking resources or expertise, don’t kick the can down the road, and don’t settle for a marginal program that is unlikely to give you any return (on even a minimal investment). Instead, use our Managed Services for security awareness training to help you deliver a program that provides measurable results.

Read More »

Anti-Phishing Training: Why ‘Set It and Forget It’ Is a Mistake

Posted by Gretel Egan on Jun 26, 2017 11:55:00 AM

Even though cybersecurity budgets are healthier now than they have been in past years, security talent is in short supply, which means infosec training teams are still facing the crunch of doing more with less. As such, the lure of automation is strong. If you find yourself tempted by the idea of a “set it and forget it” security awareness training program, we caution you to consider the negative side effects of a hands-off approach.

Read More »

Rethinking Patch Management Strategies to Balance Security and Uptime

Posted by Kurt Wescoe on Jun 21, 2017 12:42:04 PM

Recently I was part of a panel discussion on combatting ransomware at the SecureWorld Atlanta event. An interesting conversation developed around the old stalwart of patching computers and systems. A solid patching process is one of the most elementary parts of an organization’s security program — or at least it should be.

Read More »

Ransomware and Phishing Attacks: Why Anti-Virus Software Can't Save You

Posted by Gretel Egan on Jun 13, 2017 2:50:53 PM

Installing and keeping anti-virus software up to date on computers and mobile devices has become a de facto cybersecurity best practice — and for good reason. Like other technical safeguards, anti-virus software has come a long way in its sophistication since its early days in the late 1980s and early 1990s. There are many reliable and reputable options for anti-virus and anti-malware protection for corporate organizations and personal devices, and they provide an important layer of security for data, devices, and systems.

But you cannot count on them to stop ransomware infections, and they absolutely cannot prevent phishing emails from reaching your inbox.

Read More »

Five Tips from CISOs for Managing Emerging Cybersecurity Threats

Posted by Gretel Egan on Jun 8, 2017 10:54:11 AM

I recently had the opportunity to visit SecureWorld Atlanta 2017, where I met a number of industry experts and attended several sessions. One of those sessions was a panel discussion titled, “Hazards on the Horizon – Emerging Threats.” The panel of CISOs discussed both the current cyber threat landscape and offered advice for keeping networks and systems as secure as possible during this era of frequent cyberattacks. Each of the five panelists was asked to provide their one key piece of advice. Here’s what they said:

Read More »