blog-logo.png

A BLOG ABOUT CYBER SECURITY

Wombat Security is a leader in security awareness and training. Our blog covers the latest cyber security news, insights, and best practices. We arm infosec professionals with the knowledge and tools they need to improve end-user behaviors and reduce organizational risk.

Research and Analysis

2017 Beyond the Phish Report Reveals End-User Strengths, Weaknesses

Posted by Gretel Egan on Sep 21, 2017 10:07:41 AM

Infosec professionals who are seeking industry- and category-specific data points that illustrate business implications and highlight knowledge deficiencies in end-user cybersecurity knowledge, take note: our 2017 Beyond the Phish Report™ is now available for download.

Read More »

Social Media Hauntings: Students and Job Seekers Beware

Posted by Gretel Egan on Aug 30, 2017 12:50:54 PM

When I was a kid, there was a lot of collective fear among my fellow students at the idea of infractions going on a “permanent record.” This nebulous threat from parents, teachers, and administrators had many of us thinking — and fretting — about the types of behaviors and activities that could potentially be tied to us for eternity. (We were easily fooled. What can I say?)

Back in the olden days (i.e., the pre-internet years), we worried about the ramifications of an essentially baseless behavior log that we never actually saw with our own eyes. Interestingly, today’s most frightening form of a permanent record is the one that kids and adults alike are creating for themselves on social media. Unfortunately, bad decisions shared on these forums can haunt users for years to come.

Read More »

Scrap Learning: Why All Security Awareness Training is Not Equally Effective

Posted by Kym Harper on Aug 16, 2017 9:54:47 AM

While end-user training for secure behaviors has experienced an uptick in interest and legitimacy versus technical-only solutions among CISOs in recent years, not all security awareness training is created equal.

Read More »

BT/KPMG Paper Calls on Business Leaders to Build a Culture of Security

Posted by Gretel Egan on Aug 3, 2017 4:19:15 PM

There are members of the infosec community who continue to call for a technical-only solution to phishing prevention, one that cuts end users out of the equation entirely. And there likely always will be individuals seeking this Holy Grail. While we certainly can’t see into the future, we do know this: We fully expect technological advances to help with phishing, much like spam filters, sandboxing, and other technologies have over the years. But the trickle-down time and lag in adoption rates mean that no new technology will offer even close to an immediate fix to the problem. Waiting on technology to solve cybersecurity vulnerabilities and abandoning the idea that end users can be a better asset does nothing to advance security postures now.

Read More »

Phishing, Social Engineering Are Top Concerns for Black Hat Attendees

Posted by Gretel Egan on Jul 19, 2017 12:29:08 PM

Black Hat USA 2017 kicks off in Las Vegas on July 22, and this show attracts some of the savviest information security professionals in the world. Earlier this month, Black Hat organizers released the results of its third annual attendee survey in its Portrait of an Imminent Cybersecurity Threat report. Below, we highlight some of the key findings in this year's report and compare the results to those revealed by the 2016 survey. 

Read More »