Read our latest announcements, company news, security and privacy lessons, leadership thoughts and more. Subscribe below to stay up to date.
April 20, 2023
Our most recent security stream covers common scams used around tax time. By sharing current, real-world scams like this Haekka engages employees about security and builds a security mindset throughout the year.
April 19, 2023
In today's constantly evolving digital landscape, the importance of cybersecurity cannot be paramount. In this blog post, we will discuss the three main goals of cybersecurity: Confidentiality, Integrity, and Availability. These goals, often referred to as the CIA triad, form the foundation upon which effective cybersecurity strategies are built.
April 18, 2023
As technology continues to advance and change the face of modern work, so too do the tactics employed by cybercriminals to steal personal information, gain unauthorized access to accounts, and commit fraud. In this blog post, we will explore the differences between smishing and email phishing, the dangers they pose, and how to protect yourself from these threats.
April 17, 2023
As the tax filing deadline nears, the Internal Revenue Service (IRS) cautions taxpayers to remain vigilant against email and text scams related to refunds or tax issues. The annual Dirty Dozen tax scams campaign highlights phishing and smishing schemes, where cybercriminals attempt to steal taxpayer information via deceptive emails or texts.
April 14, 2023
In the wild west of cybersecurity and social engineering, where cyber threats are evolving at an alarming pace, security awareness training has become necessary for businesses and individuals alike. With a professional tone and a focus on the importance of this training, let's explore the various groups that can benefit from security awareness training and why it's critical to invest in such education.
April 13, 2023
Understanding the psychological tactics used in social engineering can help individuals and organizations better defend against these threats. This article delves into the key psychological tools employed by attackers in social engineering attacks, to equip readers with the knowledge to recognize and counteract such schemes.
April 12, 2023
State-sponsored cybercrime has emerged as a significant and growing threat to global security in the digital age. As nations increasingly rely on digital infrastructure and networks to power their economies, government-backed hackers have turned to cyber-espionage, sabotage, and disinformation to further their strategic goals. This article provides an overview of state-sponsored cybercrime, its motivation, and its potential impact on international relations and cybersecurity.
April 11, 2023
In this weekly Haekka Digest Stream, we highlight the most common IRS and tax scams. As tax season arrives in the US, cybercriminals seize the opportunity to launch targeted social engineering attacks that capitalize on taxpayers' concerns. The US Internal Revenue Service (IRS) releases regular updates on the top 12 scams affecting taxpayers to increase public awareness. Check out more info in the post.
April 10, 2023
In the increasingly complex world of cyber security, the term "social engineering" refers to a set of devious tactics employed by criminals to manipulate unsuspecting individuals into divulging sensitive information or granting unauthorized access. In this article, we'll cover the nature of these attacks, exploring how they use false web addresses and counterfeit sites to ensnare their victims.
April 10, 2023
As an AI language model trained on vast amounts of text data, ChatGPT can be an awesome addition to an L&D toolkit for creating training content. Whether you're developing an e-learning platform or security awareness training or delivering in-person training sessions, using ChatGPT can help you streamline your content creation process and improve the effectiveness of your training materials.
April 7, 2023
Cybersecurity threats are a growing concern for businesses and individuals alike, as the reliance on technology continues to increase. In this blog post, we'll explore some of the most common cybersecurity threats that you should be aware of.
April 6, 2023
Cybersecurity and privacy are crucial aspects of any successful company. As technology continues to evolve, so do the threats that companies face. It is essential for companies to create an environment where employees can comfortably ask questions and receive guidance on security and privacy matters. Employees should be encouraged to ask questions and should not be embarrassed about it.
April 5, 2023
In today's digital age, cyber threats are becoming more prevalent, sophisticated, and damaging. As cyber attackers employ increasingly advanced tactics, businesses must adapt to ensure their data, resources, and reputation are protected. One crucial way to achieve this is by leveling the playing field for employees and empowering them to defend themselves against cyber attacks. In this blog post, we'll explore the reasons why companies must prioritize employee education and involvement in cybersecurity efforts.
April 4, 2023
Over the past few weeks, the launch of ChatGPT with GPT-4.0 capability, new ChatGPT APIs, and ChatGPT plugins (which connect to external services like Kayak and Instacart) has generated a surge in interest and utilization of the service. In this post, we talk about concerns and stats around sharing of sensitive data with ChatGPT.
April 3, 2023
In today's interconnected world, companies face a multitude of cybersecurity threats. Companies must prioritize security to protect their data, reputation, and bottom line. One essential aspect of a strong security posture is fostering trust between security teams and employees.
March 30, 2023
Artificial intelligence (AI), with ChatGPT getting the bulk of attention right now, has been a hot topic in recent months, with its ability to automate and improve decision-making processes, content creation, impersonation, and even writing code. In this blog post, we will discuss how cyber attackers are most likely to use AI and the potential risks that come with it.
March 29, 2023
When it comes to securing information and assets, a multi-layered approach is often the best strategy. The idea is to implement various measures and controls at different levels so that if one layer is compromised, other layers are still in place to prevent or mitigate the impact of an attack. This approach is commonly known as defense in depth, and it's an essential aspect of modern cybersecurity.
March 28, 2023
Check out our weekly security digest post. In this post, we highlight a recent incident where improperly configured Google Drive permissions cost $120,000.
March 27, 2023
As companies continue to rely more heavily on remote work and digital communication, it's important to ensure that employees have the training and tools they need to stay safe and secure online. One platform that's particularly well-suited for this purpose is Slack, which has quickly become one of the most popular collaboration tools for remote teams. By using Slack as a platform for security training and awareness, businesses can meet employees where they work and create a more engaged and informed workforce.
March 24, 2023
Security is an essential aspect of our daily lives, especially with the increasing prevalence of technology. In business, good cybersecurity is imperative. Security refers to measures taken to ensure the safety and protection of data loss, tampering, or inability to access. In this blog post, we will explore the five types of security and their importance.
March 23, 2023
What are the technical training required by ISO 27001. ISO 27001 is an international standard for information security management systems (ISMS), and it covers a wide range of topics related to information security. In this blog post, we'll take a closer look at the technical training that's required by ISO 27001.
March 22, 2023
Cybersecurity threats are becoming more sophisticated and frequent, making it essential for organizations to have effective security controls in place. There are various types of security controls. We will also focus on security awareness, human risk, SaaS, and phishing, four critical aspects of cybersecurity that can help organizations strengthen their security posture.
March 21, 2023
Weekly Haekka Security Dufgest - Headlines frequently highlight the financial impact of data breaches and ransomware attacks on businesses. However, companies are not the sole victims of internet scams and cyberattacks. A recent FBI report reveals that Americans lost over $10 billion to internet scams in the past year.
March 16, 2023
Not all phishing simulators are created equal. At Haekka, our phishing simulator was built to be different from other products in the market. Here are some of the reasons why:
March 15, 2023
Cybersecurity is a critical aspect of any organization, and it should be a top priority for everyone. There are various types of security, including physical, network, and cybersecurity. In this article, we will discuss the five elements of security that are crucial for any organization to maintain a secure environment. We will also focus on security awareness and phishing, two essential aspects of cybersecurity that can help organizations prevent security incidents.