Security news aggregator

Latest coverage for Security Awareness

Security awareness covers how people recognize and avoid phishing, social engineering, unsafe practices, and other causes of cybersecurity incidents.

4 headlines in this view

Refine the feed

Search across headline titles and summaries.

Tag briefing

Background for this topic.

Security awareness is the ability of people in an organization to recognize security risks and make safer decisions when using systems, handling information, or communicating. It covers practical behavior such as checking unexpected login requests, protecting credentials, verifying payment or access changes through trusted channels, limiting sensitive data exposure, and reporting suspected phishing or social engineering promptly. Awareness is not a guarantee that users will avoid every mistake; it reduces risk when guidance is relevant to people’s roles and workflows.

Security practitioners assess awareness through targeted education, realistic exercises, clear reporting paths, and measures such as reporting quality and time to escalation—not merely course completion. News under this tag may therefore concern phishing and impersonation campaigns, unsafe handling of personal or confidential data, policy changes, or lessons from incidents involving human decisions. Effective programs should reinforce technical controls such as multifactor authentication and least privilege, while avoiding blame: users need simple procedures for verifying requests, reporting errors, and obtaining help before a mistake becomes an intrusion.

Volume over time

Weekly headline count for the current query.

Showing 4 most recent headlines Filtered view
The Hacker News 2 years, 6 months ago

Are We Ready to Give Up on Security Awareness Training?

Some of you have already started budgeting for 2024 and allocating funds to security areas within your organization. It is safe to say that employee security awareness training is one of the expenditure items, too. However, its effectiveness is an open question with people still engaging in insecure behaviors at the workplace. Besides, social engineering remains one of the most prevalent attacks

It's not news that phishing attacks are getting more complex and happening more often. This year alone, APWG reported a record-breaking total of 1,097,811 phishing attacks. These attacks continue to target organizations and individuals to gain their sensitive information.  The hard news: they're often successful, have a long-lasting negative impact on your organization and employees, including: