If a business falls under CCPA compliance requirements, executives and managers must take the necessary steps towards meeting these requirements. We’ve distilled the process of complying with CCPA down into 9 short steps. Use this as a primer for CCPA.

The American subsidiary of JBS, the world’s largest processor of fresh beef and pork, suffered a cyberattack that left their North American and Australian operations paralysed last month. The North American shutdown of the meat processing giant, who supplies meat to fast food chain McDonald’s.

The last year was transformative for many businesses, as COVID shutdowns forced brick-and-mortar businesses to pivot to a digital presence and digital businesses began seeing more traffic than ever before. With increased attention comes an increased potential for phishing attacks.

The most challenging aspect about securing your workforce when it’s remote is ensuring that your remote workers are in the right mindset to protect data. Having a security mindset is challenging in the office but it’s a lot harder at home or in a coffee shop. Here are some ideas that might help.

Regardless of size or type (B2B vs B2C), all companies should do some form of security awareness training. Security awareness training should go beyond checking the box. Employees need help to make better security hygiene decisions every day.

Slack is the operating system of many companies. As such, securing it is imperative for Slack admins. We put together a basic list of 8 tips to help Slack admins securely manage their Slack instances. This post is written for new admins to Slack.

As Slack cements its place as the communication tool of choice for many businesses, it has increasingly become a target for attacks. The statistics are real - Slack reduces email by up to 80%. Social engineering, a primary type of cyber attack, requires communication. And today that means Slack.

We know that configuring your organization’s Slack Workspace can seem like a daunting task. However, Slack is extremely user-friendly and intuitive when it comes to setting up configurations and establishing permissions.

No matter what role an employee plays in an organization, they should understand essential security awareness topics and how to protect the company (and themselves) from potential cyber-attacks and security breaches. Here are a few of the most critical topics to cover in 2021.

In our most recent release, β 0.6, we announced a new feature called Streams. We're really excited about this feature and the potential it has to support our users in building a culture of security throughout their organization.

Starting today, anyone can sign up for Haekka for free. This will give you access to the entire product for teams of 10 or less. For larger teams, you can still sign up and kick the tires without paying, which will provide the opportunity to give Haekka a try without having to worry about a time lim

Today we’re excited to announce that we’ll be joining the Winter 2021 class of Techstars Boulder — virtually of course! Our decision to join the program came after meeting Andres and the Techstars team. We examined where we are as a company and what our goals are over the next 12-24.

We could not be more excited to finally announce our pre-seed round of funding — a round we closed last spring but delayed the announcement. Raising capital in the middle of a global pandemic was particularly challenging, but also exciting. Market conditions forced a lot of good questions for us.

2020 is over. Many people are breathing a sigh of relief, though 2021 feels a lot like 2020 so far. The trends in security awareness are going to be shaped by the changes that went into place in 2020 and are not going away in 2021.

In our last post, we covered the SANS Security Awareness Maturity Model. At Haekka, we take a slightly different view of security awareness programs, something we call human risk maturity. We view security awareness from the perspective of the goal, or job to be done (JTBD).

At Haekka, we think about security awareness in stages. We start with basic awareness, move up to engagement, and then on to effectiveness. Each of these stages corresponds to a job to be done (JTBD). We’ll cover these stages in a later article. This post is focused on a similar model from SANS.

Phishing is something every company should be actively trying to prevent. Phishing is the most commonly exploited threat to your company’s data. The lack of social engagement around phishing training is a missed opportunity to build user engagement and promote good security hygiene.

Haekka is a security engagement platform. Technology companies hire Haekka 1) to check the box on security awareness training and 2) to engage employees in security and privacy, building it into their cultures. This post describes the two types of training content on Haekka

We get asked about HIPAA training all the time. While most companies know that HIPAA requires some form of training, the details about what is required are often unknown or unclear. This post clarifies what HIPAA requires for training your employees.

Employees cannot be expected to stay up to date on cybersecurity best practices and privacy regulations on their own. This is why security awareness training is more important than ever. Find out what topics to include in your security awareness training.

Phishing is a massively common form of attack and, due to the scale of it, accounts for 80% or more of all security incidents. Software packages, sold and distributed on the dark web, are used by malicious groups to automate and scale these attacks. So what messages trick us into clicking?

At Haekka, we’ve debated the terms “security awareness training”, “privacy training” and “compliance training”. We ultimately decided to use the term “security awareness training” for what we do. We felt it was worth clarifying the terms and how we use them in regards to training.

Micro-training, as we define it at Haekka, is comprised of lessons that can be consumed in under 5 minutes. By focusing on content that provides high value for the work people are doing at technology companies, we see drastic improvement across six core components of learning.

Protecting the data and privacy of your users has never been more critical. The burden of cybersecurity not only weighs heavy for companies in highly regulated industries but for businesses of any size. Growing companies can address this challenge with effective security awareness training.

The advent of the LMS coincided with the emergence of digital learning. As work has moved from disconnected systems and silos to integrated workflows anchored on open, continuous communication (think Slack and Teams), training has not kept pace. Slack-native micro-training solves these problems.