“Working from home 2021″ marks a massive shift away from common workspaces in response to the global pandemic. There is no more working remotely or working from home, there is just working. The axiom, “work is what you do, not where you go” has never before been so true. The possibility for the workforce to be location independent […]
Overview Phishing continues to be a major attack vector, and it’s surprising just how many security incidents and breaches start with an employee clicking on a link in a carefully crafted phishing email (and sometimes doing the same with a not-so-well crafted phishing email — see this example). There’s still a general perception that phishing attacks […]
InfoSec Compliance is a big word, involving most systems in your working environment, and multiple deliverables to be produced for the auditing team. Up till today, this project was as complex as can be. Today, with the introduction of Compliance Automation Platforms, things get simpler. Here’s a list of what you need (and don’t need […]
Daily Chaos, By Design We all know how security compliance works. It’s one of those processes no one dares to disrupt. As InfoSec leaders, after having our morning coffee, we quickly move to our emails, going through those routinely generated reports, which leads us to believe that the procedures and controls are still in place […]
Let’s face it – Security compliance is a hassle. (Almost) nobody likes it, it’s boring and perceived as a tedious checklist that must be completed in order to achieve the prestigious mark of being “XYZ” compliant. Why is that, and how can we better tackle this challenge? The Compliance Challenge Companies need compliance mainly for 2 […]
Attackers Have Created a Specialized Economy Around Email Account Takeover