Security awareness messaging: The fine lines between attention-grabbing and offence, and between humour and triviality
Too often we keep falling for the same tricks. Too often we see in the media or via awareness campaigns you shouldn’t click on this or you should look out for that. Is there a better way to convey this message that actually leaves a lasting impression on the recipient? We will investigate why awareness is playing it safe and why we seem to be doing our colleagues a disservice when trying to educate and inform.
Recorderd on: Wednesday 6th January 2021
Using the MITRE ATT&CK framework to drive risk remediation programs and mitigate cyber attacks
This webinar explores the value and utility of the MITRE ATT&CK framework - a globally accessible knowledgebase of adversary tactics and techniques. Learn how to leverage the MITRE framework to assess your cyber maturity against security standards and define a prioritised roadmap for addressing critical gaps in your security, based on common, high-frequency tactics and techniques.
Recorderd on: Friday 18th December 2020
The UK Business Cyber Centre: The cybersecurity guru for businesses, from SMEs to corporates
The UK Business Cyber Centre (BCC) provides millions of UK businesses normally outside the national cybersecurity envelope with access to cybersecurity advice, training, alerts and warnings, so as to meet the UK's demands for secure digital growth. Andrew takes us through this enterprising scheme, with the opportunity for you to engage in this exciting venture.
Recorderd on: Monday 30th November 2020
Driving real behaviour change: How to build a security awareness program that works
When it comes to modern Cybersecurity – ultimately your users are your last line of defence. So you need to arm them with both knowledge and practice to mould dynamic, alert guardians of both your organisation and your data. The key to your success is engaging, entertaining - and crucially - topical security awareness training.
So where to start, or how to renew your program?
Recorderd on: Monday 16th November 2020
Seven new education ideas to get your organisation cyber-savvy
Are your staff bored with security bulletins? Worried they’re not hitting the mark? We explore how Lloyds Banking Group uses a variety of fresh communication methods to influence security behaviour and culture positively. Learn how to inject interactivity with elegant in-house solutions without blowing the budget to enliven your corporate cyber education.
Recorderd on: Friday 30th October 2020
The consideration of ethics in developing technology
As we develop new technology, we focus on the benefits without considering the consequences. Criminals access nation-state capability. Unscrupulous individuals use social media to spread extremist views or play havoc with our elections. The increase in data raises concerns around its exploitation. So can technology be developed with ethics in mind, and if so, how?
Recorderd on: Monday 26th October 2020
Minimising risk from cyber threats: Focusing on reducing time to containment
With limited resources, an ever-growing skills gap and an escalating volume of security alerts, organisations are left vulnerable to what is perceived to be an unavoidable risk. How can they minimise risk from cyber threats without further increasing the workload? In this webinar, we will discuss how automation can help address these challenges faced by CISOs.
Recorderd on: Monday 19th October 2020
You can stop stupid
Security professionals often complain that end users are stupid. But we should instead identify and adjust failings in our practices, as well as the processes and technologies that enable such behaviours. Ira is one of the world’s most influential security professionals. He writes and speaks on cybersecurity and the human aspects of security and technology.
Recorderd on: Thursday 15th October 2020
Live cyber attack: Maze ransomware attack simulation
Ransomware gangs like Maze dwell in networks, stealing data and leaving backdoors, before dropping ransom notes. Join us as we explain how big-game ransomware gangs operate and showcase common tactics, techniques, and procedures (TTPs), with takeaways to help you prepare for an attack. Dave will run a Maze attack simulation, showing how an IR team should respond.
Recorderd on: Friday 9th October 2020
OpSec tales from the trenches: The ins, outs, wins and fails of online operational security
Operation Security (OpSec) is hard, it only takes one slip-up for the house of cards to tumble down. We examine its history, from its real-world military origins to its modern-day use by hackers and privacy-conscious netizens alike. Come for stories of modern-day OpSec mishaps, stay for the lessons into how hackers tread cautiously, to avoid getting caught.
Recorderd on: Thursday 8th October 2020
Developing and sustaining an effective security culture
Security culture refers to the values everyone should approach security by, to mitigate against threats. Developing and sustaining an effective culture is an essential component of a security regime, to evolve a security-conscious workforce and promote desired security behaviours. These leading security culture change practitioners talk about their work.
Recorderd on: Tuesday 6th October 2020
Reducing susceptibility to disinformation during Covid-19
David has been in the military for eight years. He joins us to discuss his work with the British Army's Information Operations Unit (77th Brigade) as a behavioural change planner. He successfully implemented behavioural change strategies against ISIS in 2019. He has recently advised Her Majesty's Government on countering misinformation during the Covid-19 crisis.
Recorderd on: Friday 2nd October 2020
The state of the security team: Are executives the problem?
Cybersecurity professionals are reporting higher levels of stress than before. A recent LogRhythm survey investigated the reasons behind the increased pressure on security teams, solution capabilities, deployment strategies, technology gaps, and more. Join Andrew as we explore some of the key findings from this research and how to alleviate some of these issues.
Recorderd on: Monday 28th September 2020
Dramatic security awareness: Cyber security awareness that might actually work!
Most security awareness training fails because it’s boring, condescending or wrong. Humans are drawn to engaging narratives and Peter offers an approach that calls on principles from sales, marketing, ethical hacking, education theory and creative writing. He shares examples of successful awareness training with heroes, villains, and plenty of drama.
Recorderd on: Wednesday 23rd September 2020
Top ten biggest and boldest insider threats
Insider threats are a widespread problem, affecting all industries and geographies. Understanding the motives behind them is key to defending your organisation, so join us as Rob and Lee reveal the stories behind the biggest threats over the last year. You will learn what happened in each incident and practical security tips to mitigate your own insider risk.
Recorderd on: Tuesday 22nd September 2020
Human cyber risk and security awareness: What’s ‘new’ and why is anything ‘normal’?
We talk about the ‘new normal’, but it’s just the old normal from a different location. Human cyber risk is an essential part of cybersecurity, but we’ve still yet to make a genuine impact. Things are changing though, and human cyber risk specialists are evolving. Oz explains what this means for security awareness and what we’re learning from the pandemic.
Recorderd on: Wednesday 16th September 2020
To err is human, to keep doing it is idiotic. Why do we keep shooting ourselves in both feet?
There’s more shiny silver bullets than we can shake a stick at. Each one promises some variant of greater efficacy. So why, with all of this tech, are we still falling foul of attackers? Why is awareness and common sense the most overused terms in security but are never practiced. We explore some simple ways we can turn the tide of keeping our organisations secure in the online world.
Recorderd on: Thursday 20th August 2020
'Tell me where it hurts': Where should you begin to address your professional pains?
There are many and increasingly complex challenges within organisations' information security. Companies must reassess their strategies in this Covid world, as cyber criminals become ever-resourceful in their methods. This session explores the remedies around changing your employees' behaviour and the organisation's culture and the approaches you should take.