Security awareness training and insider threats

Get advice and tips on how end user security awareness training can help prevent internal risks and external threats. Find out how training can protect users against phishing attacks, social engineering schemes and other threats that can lead to data breaches.

May 10, 2021 10 May'21
RSA Conference 2021: Focus on resilience

SearchSecurity will be at RSAC 2021, virtual edition, to provide pre-conference coverage and breaking news and analysis from the world's biggest infosec event.
April 08, 2021 08 Apr'21
Unpatched applications threaten SAP security

Cyberattacks are a significant threat to unpatched, unprotected SAP applications, according to a new threat intelligence report from SAP and Onapsis.
April 01, 2021 01 Apr'21
Man indicted in Kansas water facility breach

While the attempted tampering of a Kansas water facility occurred more than two years ago, the Justice Department this week indicted a 22-year-old former employee.
September 24, 2020 24 Sep'20
Shopify discloses data breach caused by insider threats

Canadian e-commerce company Shopify disclosed a data breach involving two insider threats, but questions remain about the breach and how it was discovered.

Bring yourself up to speed with our introductory content

insider threat

An insider threat is a category of risk posed by those who have access to an organization's physical or digital assets. Continue Reading
Security awareness training quiz: Insider threat prevention

Find out how much you know about preventing user-caused cybersecurity incidents through education in this security awareness training quiz for infosec pros. Continue Reading
How to develop a cybersecurity strategy: Step-by-step guide

A cybersecurity strategy isn't meant to be perfect, but it must be proactive, effective, actively supported and evolving. Here are the four steps required to get there. Continue Reading

Weigh the pros and cons of technologies, products and projects you are considering.

Malware researcher speculates on the future of ransomware

Abhijit Mohanta, author of 'Preventing Ransomware,' opines on the future of ransomware and discusses why this attack is favored among cybercriminals. Continue Reading
The ultimate guide to cybersecurity planning for businesses

This in-depth cybersecurity planning guide provides information and advice to help organizations develop a successful strategy to protect their IT systems from attacks. Continue Reading
10 cybersecurity best practices and tips for businesses

Looking to improve your business's security program? Our top-10 list of cybersecurity advice breaks out best practices and tips for security professionals and for employees. Continue Reading

Learn to apply best practices and optimize your operations.

Strengthening supply chain security risk management

In the wake of several supply chain attacks, Pam Nigro discusses how companies can work to reduce risk by broadening how to manage third-party vendors' access to company data. Continue Reading
How to manage third-party risk in the supply chain

From third-party risk assessments to multifactor authentication, follow these steps to ensure suppliers don't end up being your enterprise cybersecurity strategy's weakest link. Continue Reading
How to prevent supply chain attacks: Tips for suppliers

Every company, large and small, must assume it is a target in the supply chain. Suppliers should follow these best practices to keep themselves and their customers protected. Continue Reading

We’ve gathered up expert advice and tips from professionals like you so that the answers you need are always available.

6 ways to prevent insider threats every CISO should know

Too often, organizations focus exclusively on external risks to security. Infosec expert Nabil Hannan explains what CISOs can do to effectively assess and prevent insider threats. Continue Reading
Explore 5 business email compromise examples to learn from

Gift cards are for gifts, never for payment. Explore real-world examples of business email compromise to learn common attack patterns and red flags. Continue Reading
Technical controls to prevent business email compromise attacks

Technical controls are at the heart of preventing successful business email compromise attacks. Learn about those and extra considerations to keep your business secure. Continue Reading