Process “Zombie” rules that lead people to expose their organisation to risk

Zombie rules are those well-intentioned yet obsolete protocols that continue to impede progress long after their owners have left the …

Training Transferrable skills: it’s not WHAT to do but HOW to do it

No one is 100% functional when they start a new job. Every organisation has unique attributes that need to be …

Behaviour Why empathy matters in cyber security

Attitudes towards groups and businesses are often skewed by our brains’ tendencies to prioritize negative information over positive. One of …

Human factor How to stop bad habits getting in the way of security

We’re all creatures of habit. Often, this is to our advantage, as a good habit helps us remember to perform …

Trust Keil Hubert on managing human instinct in security

Imagine that you’re attending an industry conference. The organiser chose a casino with an attached conference centre for the event. …

Behaviour Why do we refuse to abandon security processes that don’t work?

Why do we refuse to abandon ideas, equipment, and processes that have proven themselves to be inadequate? It’s rarely because …

Security awareness Who should deliver your security awareness message?

Effective security awareness depends on establishing credibility with your users. This motivates some small awareness shops to employ a high-prestige …

People A guide to helping people overcome “cyber attack fatigue”

The more that we warn people about threats that don’t manifest in their personal lives, the more likely people become …

Behaviour A guide to recognising our biases and overcoming them

Our brains can be our own worst enemy when it comes to following security controls. It’s not that we don’t …

People Why “old” skills still have practical value for cyber security

It’s easy to feel overwhelmed by the madcap pace of change in technology. Sometimes it might feel like all our …

People Want to improve your security? Understand the cognitive bias behind decision-making

People like to believe they’re perfectly rational beings. It can be a shock to learn that we’re not. It’s critical …

Phishing A guide to phishing emails and how they work

The most efficient phishing attacks are precisely crafted messages that use our known psychological attributes against us, stimulating us to …