In the past few years, ransomware has become one of the biggest cyber security threats that organisations face. It was the second-leading cause of cyber attacks in 2021, according …
Vishing is a type of phishing scam that takes place over the phone. It attempts to con individuals into surrendering personal information such as passwords, card details and PINs, …
For years, e-learning was considered a cost-effective but ultimately inferior way to receive training. Prospective trainees would gravitate towards online learning if they didn’t have the wherewithal to go …
BEC (business email compromise) scams are a type of phishing attack in which a fraudster impersonates a senior executive at an organisation. The threat of BEC attacks is something …
Ryuk is a sophisticated ransomware strain that has been targeting high-profile organisations since 2018. Like other forms of ransomware, Ryuk encrypts data on an infected system, rendering the information …
Staff awareness training is an integral part of ISO 45001, the international standard for OH&S (occupational health and safety). Although you might associate health and safety risks with specific …
Social engineering is one of the oldest types of fraud in existence. In an information security context, it refers to the tactics that criminals use to trick people into …
In 2015, the UK government introduced the Modern Slavery Act, giving law enforcement greater tools to identify and apprehend anyone involved in enslavement or human trafficking. You might not …
The ISO 9000 family of QMS (quality management systems) is a set of standards that help organisations meet their contractual arrangements with customers regarding products and services. At the …
Organisations don’t like to consider the possibility that their employees accept bribes. We often think of it as something that only happens at multinationals or governments, but corruption exists …
