Wombat Security is a leader in security awareness and training. Our blog covers the latest cyber security news, insights, and best practices. We arm infosec professionals with the knowledge and tools they need to improve end-user behaviors and reduce organizational risk.

Learning Science Principles

Reinforcing Key Topics Is Critical in Security Awareness Training

Posted by Gretel Egan on Nov 3, 2017 2:33:22 PM

Are you reinforcing key principles of cybersecurity with your end users? And are you doing so on both an awareness and training front? If you answered “no” to either of these questions — or if you’re uncertain about the differences between raising awareness and delivering training — read on to find out how you could be undercutting your chances for success.

Read More »

Scrap Learning: Why All Security Awareness Training is Not Equally Effective

Posted by Kym Harper on Aug 16, 2017 9:54:47 AM

While end-user training for secure behaviors has experienced an uptick in interest and legitimacy versus technical-only solutions among CISOs in recent years, not all security awareness training is created equal.

Read More »

How Do Your Employees Feel About Security Awareness Training?

Posted by Gretel Egan on Aug 10, 2016 2:46:00 PM

As more and more industries add security awareness and training to their list of compliance-related initiatives, more and more infosec teams (as well as corporate education groups and and governance, risk management, and compliance [GRC] officers) will find themselves tasked with delivering cybersecurity education to their employees. In fact, given today’s climate, it’s likely — mandated or not — that you have already implemented some type of program.

Whether it’s on the horizon or front and center, ask yourself this: How do your end users feel about security awareness and training?

Read More »

Alert: Phishing Attacks Set Records in Q1. How Strong Are Your Defenses?

Posted by Gretel Egan on May 25, 2016 12:52:37 PM

On May 24, the Anti-Phishing Working Group (APWG) announced that the number of observed phishing attacks in Q1 2016 was higher than any total its seen since it began tracking and reporting these statistics in 2004.

Read More »

Compliance-Driven Training: How You Check the Box Matters

Posted by Gretel Egan on Nov 16, 2015 9:15:52 AM

Whether you’re for it or against it, a believer or a scoffer, compliance-driven security awareness training initiatives are a reality that must be reckoned with. Not only are they not going anywhere, they are actually likely to multiply given emergence of additional cyber security–based regulations and some U.S. legislators eyeing global cyber laws.

Read More »