CeSViTer

Communication Strategies in Cybersecurity

While many things in Cybersecurity may seem self-evident (need for good passwords, increased vigilance when handling emails, etc.), the site https:// Theconversation.com/ featured an interesting article on unintended effects of certain types of communication. In particular, it underscored the need to understand not just the technical needs of your audience but also the socio-economic aspects of the audience.

When conducting cybersecurity campaigns, we find that efforts at communication sometimes backfire and cause the opposite of the desired effect. Several consequences can arise:

Continue reading

Need for cultural change regarding cybersecurity

Roger A. Grimes (KnowBe4’s Data-Driven Defense Evangelist) wrote an excellent Comprehensive Anti-Phishing Guide to help IT personnel combat increasing threats from phishing.

Among the important points Roger Grimes made were:

Training: We have to accept that there will always be to some degree phishing and social engineering activity that will bypass even the best or our defenses. Consequently, it is important to train employees how to recognize phishing and social engineering activity and how to manage them. Social engineering and phishing have long been thought to be the principal cause for many malicious data breaches. Fostering good security awareness training is indispensable to building a human firewall.

Continue reading