Security news aggregator

Latest coverage for Security Awareness

Security awareness covers how people recognize and avoid phishing, social engineering, unsafe practices, and other causes of cybersecurity incidents.

6 headlines in this view

Refine the feed

Search across headline titles and summaries.

Tag briefing

Background for this topic.

Security awareness is the ability of people in an organization to recognize security risks and make safer decisions when using systems, handling information, or communicating. It covers practical behavior such as checking unexpected login requests, protecting credentials, verifying payment or access changes through trusted channels, limiting sensitive data exposure, and reporting suspected phishing or social engineering promptly. Awareness is not a guarantee that users will avoid every mistake; it reduces risk when guidance is relevant to people’s roles and workflows.

Security practitioners assess awareness through targeted education, realistic exercises, clear reporting paths, and measures such as reporting quality and time to escalation—not merely course completion. News under this tag may therefore concern phishing and impersonation campaigns, unsafe handling of personal or confidential data, policy changes, or lessons from incidents involving human decisions. Effective programs should reinforce technical controls such as multifactor authentication and least privilege, while avoiding blame: users need simple procedures for verifying requests, reporting errors, and obtaining help before a mistake becomes an intrusion.

Volume over time

Weekly headline count for the current query.

Showing 6 most recent headlines Filtered view
Bank Info Security 9 months, 1 week ago

AI Browsers Vulnerable to Data Theft, Malware

AI Actions Bypass Security ToolsArtificial intelligence-powered browsers could expose enterprises to data theft, malware distribution and unauthorized access to corporate apps, new research shows. AI browsers built to complete tasks autonomously lack the security awareness to verify whether an instruction is safe.

Strategic Plan Includes Human Risk Management Platform Expansion, IPO PreparationBryan Palma outlines his vision to grow KnowBe4 beyond security awareness training by investing in agentic AI, expanding email and behavioral tools and positioning the company for IPO readiness. He highlights Vista Equity's support and platform depth as key assets.

Bank Info Security 1 year, 2 months ago

ISMG Editors: Day 2 Highlights From RSAC Conference 2025

Panel Discusses Views on Cryptocurrency, OT Security and Data SovereigntyISMG editors share highlights from Day 2 of the RSAC Conference 2025 in San Francisco, including insights from the cryptographers' panel, operational technology security awareness at the board level, and the growing focus on securing both public and private AI models.

Bank Info Security 1 year, 5 months ago

The Crux of Security Awareness: Stopping 'Death Clickers'

Who Are 'Death Clickers,' and How Do They Weaken Company's Cyber Defense?Employees who repeatedly click on malicious links or "death clickers" are a risk to an organization's cybersecurity. This blog explains how awareness, behavior testing and simulations can help organizations strengthen their cybersecurity culture and manage human risks.

Bank Info Security 1 year, 5 months ago

Box-Checking or Behavior-Changing? Training That Matters

Exploring New Ways to Deliver and Measure Cybersecurity Awareness ProgramsRegulations like GDPR, HIPAA and CMMC have made security awareness training a staple of corporate security programs. But compliance is only part of the story. Organizations face an even deeper challenge: influencing employee behavior in ways that create a truly secure workplace.

Bank Info Security 2 years, 2 months ago

Human Risk Crisis: 8% of Employees Cause 80% of Incidents

Mimecast's Masha Sedova on Using a Metrics-Driven Approach to Mitigate Human RiskMore than two-thirds of breaches involve the human element. Traditional security awareness initiatives, often fixated on training participation and engagements, are inadequate in mitigating incidents triggered by employees' risky behaviors, said Mimecast's Masha Sedova.