DISC InfoSec blog

The European Union Agency for Cybersecurity (ENISA) has made available Awareness Raising in a Box (AR-in-a-BOX), a “do it yourself” toolbox to help organizations in their quest to create and implement a custom security awareness raising program The package includes: A guideline on how to build an internal cyber-awareness raising program tailored to employees’ needs […]

Cybersecurity awareness is no longer a “nice to have”; in fact, it has become a fundamental part of your corporate training process across all levels and aspects of your business. Would you leave your business unlocked and open to all comers? Of course not – but if you don’t have solid cybersecurity in place, that’s effectively what […]

October is Security Awareness Month, an exciting time as organizations around the world train people how to be cyber secure, both at work and at home. But what exactly is security awareness and, more importantly, why should we care about it? The traditional approach does not work Organizations, cybersecurity leaders and the cybersecurity community will […]

Defend against phishing attacks with more than user training. Measure users’ suspicion levels along with cognitive and behavioral factors, then build a risk index and use the information to better protect those who are most vulnerable. Our approach to security awareness is flawed. And we must change it. As Russian tanks creaked into Ukraine, CEOs […]

According to a new Tessian report, 30% employees do not think they personally play a role in maintaining their company’s cybersecurity posture. What’s more, only 39% of employees say they’re very likely to report a security incident, making investigation and remediation even more challenging and time-consuming for security teams. When asked why, 42% of employees […]