The concept of “psychology of security” is often a foreign concept to IT professionals, yet they all acknowledge that users are the biggest challenge. When hackers are unsuccessful at exploiting technical vulnerabilities, they turn their attention towards users. They scan for responses to psychological triggers and cognitive patterns that can [...]
Three recent criminal cases involving hospital insiders who allegedly committed a variety of fraud, identity theft or egregious privacy violations that victimized
Dr. Hend Ezzeddinne, Cyber Security Practice Director for Expressworks, gave this talk at Austin Bsides conference in March. Folks there were quick to acknowle…
Having just attended the insiderthreat Summit last month I was surprised at how much focus was on identifying behavioral characteristics of malicious insider threats. Don’t get me wrong, proactively identifying malicious insiders is a critical part of an Insider Threat Program, but I believe that you also must consider the [...]
You may remember the “I Love You” virus which struck back in May 2010. It is estimated that the virus cost us US$5.5- US$8.7 billion in damages worldwide and US$15 billion to remove. You would think that five years later we would have learned to be more cautious, but just [...]
When I speak with IT security professionals, the number one challenge that they face is how to get upper management more involved. How do you motivate them to make cyber security a personal matter? The truth, show them why and how they are the prime target of cyber theft. Executive [...]
In observance of Week 2 of National Cyber Security Awareness Month, here are a few tips on how you can help create a cyber security culture at work.
“This is one piece of the puzzle that we rarely think about.” My colleague and I just finished presenting at the Center for Medicare and Medicaid Services’ Security Control Oversight & Update Training (CSCOUT) conference. This might seem an unusual place for a behavioral change management practitioner, but the topic [...]