It seems like a cliché: a person’s life changes when they’re exposed to a previously concealed or distorted truth. In theory, all information is freely available – and, therefore, is widely known.
People act to satisfy their bosses and co-workers’ behavioural expectations. What you perceive in the office isn’t necessarily an accurate picture of who people really are, what they really believe, or what they secretly feel is right for them.
It’s easy to think of cybersecurity as a purely reactive function: detect an attack and thwart it. In truth, effective cybersecurity requires pre-emptive action. Like predicting where a new technical solution might introduce new harm.
Texas’s recent anti-abortion vigilantism legislation has created an all-new and insidious incentive for hackers, scammers, and insider threats to threaten companies and citizens with financial and reputational ruin for cash.
Returning to the office is going to be a messy business. Not because people don’t want to go back necessarily. Rather, because we’ve all largely forgotten how to play the characters we used to perform for one another in the pre-pandemic times.
You can explain the facts justifying a security decision and some people will irrationally refuse to comply. This might be due to cognitive dissonance, or it might be due to cynical risk-taking behaviour. It’s crucial that security leaders acknowledge this risk and take pre-emptive action to address it when setting and enforcing behaviour standards.
DLP incidents are frustratingly common. So are affected organisations’ inability to respond effectively to them. A recent catastrophic failure illustrates why it’s often impossible for affected orgs to help remediate an incident.
Ready to return to the office like it was 2019? Think twice … it isn’t like 2019 and acting like it is might get people hurt.
The most dangerous security vulnerability in your domain is the one you don’t (yet) know exists. This is why we all need help cataloguing and testing our defences: to learn to see what we can’t already see.
It can be extraordinarily difficult to choose the best candidate for a position when your interview questions focus solely on prior, unrelated roles instead of on personal growth, professional goals, and skill synergies. Consider shaking up your interviewing routine with a few unusual questions.
Security awareness work can seem awfully peculiar to an outsider. We appear spend an inordinate amount of time doing nothing, then explode into frantic action. In reality, there’s a ton of esoteric analysis being done during the “down time” that isn’t readily apparent.
After an insider threat event, people ask why it happened. Sometimes, it’s better to focus on how it happened instead.
23-29 Hendon Lane
London, N3 1RT
020 8349 4363
info@teiss.co.uk
teiss® is a registered
trademark of Lyonsdown Ltd
[s2Member-Login login_redirect=”https://www.teiss.co.uk” /]