Security Awareness

Our security awareness support services help you:

  • Evolve and establish a security-centric working culture. People are often your weakest link, but become your greatest strength with an effective security awareness programme in place.
  • Empower employees to avoid, prevent and report security incidents. Human error is a leading cause of data breaches and cyber-attacks. Security awareness allows employees to feel confident about their involvement with data and compliance with corporate policies.
  • Write and implement security policies. Implementing policies, establishing working practices, and implementation software to support compliance will help mitigate identified risks. Security awareness training will reinforce the policies.
  • Protect corporate assets and reputation. Loss from security breaches can be far more than data and financial; reputational damage could quickly result in a significant loss of clientele which in some cases could mean the end of the business.
  • Reduce and prevent service downtime and expended investigative and repair effort. Recovering from cyber attacks can be costly, such as needing all hands on deck to get back up and running, losing orders while services are offline, cost of external help and severe disruption to business as usual activities.
  • Implement proactive security practices. Learning about specific risks will help you evolve from a culture of reacting and recovering from attacks to preventing attacks through increased vigilance. This website includes a significant quantity of security awareness articles
  • Encourage the reporting of observed security risks. With an increased awareness of risk, employees become a valuable source of intelligence and insight throughout the business.
  • Reduce threats and risk by continuously expanding security awareness. Continous training as the threat landscape changes is essential for users to understand how to recognise and avoid attacks.

Increasing security awareness is at the heart of Integritum’s security services offering. This website includes a significant number of articles on existing and emerging threats. A founding objective for Integritum was to help people and businesses to avoid becoming an easy target.

Contact us for a free, no-obligation, initial consultation.

Related Articles:

Wipe Before Selling

Before you sell, give away or recycle mobile phones, tablets, desktop computers, laptops or USB drives or other items with data storage such as cameras with memory cards, delete the data. It is, of course, necessary to make sure you have a safe copy of your data or fully operational...
Read More

They called you, remember!

It is a common theme that when you receive a call from your bank or utility providers, for example, telling you that for your data protection they must take you through security so they can identify you. Stop right there! They called you! It is your responsibility to identify them....
Read More

Degradation of security measures

Following the publication of a recent article about Public Wi-Fi and the use of Virtual Private Networks (VPNs),  I have received questions about what is reasonable with websites attempting to block the use of VPNs. A recurring concern was specifically the blocking of VPN access through an unencrypted public Wi-Fi...
Read More

Reporting Copycat Websites

The subject of copycat websites and services came up again this week when I received a call from a friend who explained that his wife had applied to update her driving licence details online, a service that is usually free of charge. The site asked her to pay a fee...
Read More

Public Wi-Fi Y/N?

In recent years, the number of publicly available Wi-Fi hotspots has increased significantly. We have reached a point in time where public Wi-Fi in coffee shops, restaurants and hotels has moved beyond ‘nice to have’ to ‘expected’ and choices of destination are often being decided by Wi-Fi availability over and...
Read More

The Double Edge Sword

When writing about information security and implementing defensive measures, common feedback includes questions about the extent to which advice about how to improve personal safety and security helps others to inflict harm and carry out cyber-attacks. The articles I am writing and publishing here provide insight into how attacks are...
Read More

Hit with the Spear

This article breaks down the attack into four stages: Identity, Research, Email and Action. Many of the tell-tale signs of spear phishing are the same as for phishing and more information is available in Caught in the Net, one of our previous articles. Stage 1 - Identify Identify key personnel...
Read More

Unsafe Financial Transactions

Despite continuous reports of financial fraud in the media, history appears to keep repeating itself. The same scams exist, and the only real difference is an increase in the level of fraud, not a decrease due to increased awareness. Earlier this month I published an article called ‘deviation from the...
Read More

Deviation from the norm

Are you being asked to act in a way that deviates from the usual way of doing things? If you are, then you should exercise some scepticism. When things go wrong and result in financial loss, it is often the case that the vendor asked for something out of the...
Read More

Caught in the net

Phishing emails continue to trick people into giving away personal information which can be used by fraudsters to inflict harm and financial losses on their victims. Emails can be compelling, made to look like they come from anyone, and with just enough bait on the hook to easily catch people....
Read More

More on passwords

The strange thing about writing a password blog is that most of the topic is the same as what I wrote about 20 years ago, so the challenge is not writing about passwords, but making the subject of passwords interesting to read. The difference is that during these 20 years,...
Read More

Unwise Software Installations

The issue of viruses, ransomware, spyware and other forms of malware intended to cause harm, has become much more of a hot topic in recent years. However, this has not translated into a comparable increase in vigilance and due diligence when it comes to choosing software vendors and websites. Although...
Read More

Copycat Services

Websites are still offering copycat-services in place of official services provided by government departments and local authorities. The difference is, the copycat-service is more expensive, not always legal, and seldom offers any added value above and beyond the official services available. Authorities have made a significant effort over several years...
Read More

The website credibility test

With an ever-increasing number of websites and a seemingly comparable increase in the level of fraud and other problems with purchases, people need to apply a greater level of judgement over which websites they use and choose to trust with their credit card details. What constitutes site credibility is somewhat...
Read More

Insecurity questions (Part 3)

We have already illustrated that security questions are not secure, but this will continue for some time to come. The problem is that a lot of security questions and answers use immutable facts which are akin to having a never-changing password used in many different places. It is disproportionate, to...
Read More

Insecurity questions (Part 2)

In part 1, we looked at how security questions are generally insecure for several reasons and highlighted some of the challenges that we face to improve security. The next step is to look specifically at suggestions for adapting to what are several broken business processes and inadequate IT solutions. We...
Read More

Insecurity questions (Part 1)

‘Can we take you through security?’ is a question we are all familiar with these days, but just how secure are the answers? There must be a point at which some become irrelevant such as mother’s maiden name and date of birth. With many companies asking for this information, it...
Read More

How much info is too much? (Part 4)

Address the issue of what information to provide by defining the overall process for dealing with new clients. This process doesn't need to be complicated and having a process to follow will prevent digression into off-topic discussions; importantly, avoiding all conversations about previous clients and focussing on what the client...
Read More

How much info is too much? (Part 3)

In the previous two parts, the general conclusion is that within the IT sector, so much emphasis is on past clients and past projects, which could be a phishing exercise to extract information about previous clients.  People bidding will feel compelled to answer because they will believe that not to...
Read More

How much info is too much? (Part 2)

Part 1 focused on discussions about clients and projects; however, the same applies to printed and electronic literature which showcase products and services. Mentioning a list of client names to illustrate the general target audience and profile of clients is one thing, but then there is another level of detail...
Read More