Ask the Experts

Ask the Experts

Security awareness training and insider threats

• How important is security awareness training for executives?

  Corporate executives are prime targets for spies and hackers, and that is why security awareness training for executives is so important.  Continue Reading

• What are the most important security awareness training topics?

  Organizations looking to heighten security awareness among employees need to cover a wide variety of security awareness training topics, but social engineering tops the list.  Continue Reading

• Why do enterprises need employee security awareness training?

  With human error as the leading cause of breaches and security incidents within the enterprise, organizations should offer employees mandatory security awareness training with regular refreshers.  Continue Reading

• Ransomware recovery: How can enterprises operate post-attack?

  A report detailed how Maersk recovered its infrastructure from a NotPetya ransomware attack along with its chosen recovery option. Expert Nick Lewis explains how it worked.  Continue Reading

• Intel AMT flaw: How are corporate endpoints put at risk?

  A recent flaw in Intel's Advanced Management Technology enables hackers to gain access to endpoint devices. Discover how this flaw can be mitigated with expert Judith Myerson.  Continue Reading

• What caused the ClixSense privacy breach that exposed user data?

  A privacy breach at ClixSense led to user account details being put up for sale. Expert Michael Cobb explains how companies should be held accountable for their security practices.  Continue Reading

• Can an HTML5 document with a digital signature be authenticated?

  A digital signature on an HTML5 document cannot be authenticated the same way a PDF can. Expert Michael Cobb explains how enterprises should address this issue.  Continue Reading

• Will the Neiman Marcus data breach lawsuit set a precedent?

  The Neiman Marcus data breach lawsuit was appealed and it could set a precedent for the victims of data breach lawsuits in the future. Expert Mike O. Villegas explains.  Continue Reading

• How can enterprises prevent man-in-the-email attacks?

  A new global email scam has cost enterprises millions. Expert Nick Lewis explains how to defend against man-in-the-email attacks with proper training and little technology.  Continue Reading

• How does user behavior analytics compare to security awareness training?

  User behavior analytics is emerging as a technology to prevent malware infections and end-user attacks, but how viable is it? Expert Nick Lewis outlines the pros and cons.  Continue Reading

• How should CSIRTs respond to email extortion schemes?

  The 2014 Sony Pictures hack highlights the importance of responding appropriately to email extortion. Learn what steps executives should take to best manage the situation.  Continue Reading

• What is the best mobile malware protection against NotCompatible.C?

  A sophisticated variant of the NotCompatible malware has emerged that is difficult to detect and defend against. Expert Nick Lewis offers tips for handling NotCompatible.C.  Continue Reading

• Login credential security: How to defend against tabnapping

  Tabnapping can be used to capture user login credentials. Enterprise threats expert Nick Lewis explains how to defend against the risk.  Continue Reading

• How can drive-by download attacks be prevented?

  Expert Nick Lewis offers some strategies that enterprises can use to avoid the threat of drive-by download attacks and improve employee awareness of the risks.  Continue Reading

• Should enterprises enforce harsher penalties for phishing victims?

  The consequences of phishing attacks could fall on the victims as enterprises start to punish employees who fall for this age-old scam. Expert Joseph Granneman discusses why this approach may have merit.  Continue Reading