Dive into practical advice, research findings, and expert perspectives on building security-aware cultures. Explore evidence-based strategies to strengthen your organization's human security posture.
Despite years of simulations and mandatory e-learning, phishing continues to succeed. Why? Because too many organisations treat phishing simulations as a one-off training exercise rather than a behavioural challenge. Clicking “next” on an annual training module doesn’t rewire the habits and decision-making shortcuts that attackers exploit every day.
Read ArticleBeneath the firewalls and encryption layers lies a far older human force: our need to belong. This drive for group identity, which has shaped societies for millennia, now shapes how we behave online. This is where cybersecurity meets anthropology, a lens that helps us understand why people in digital spaces form “cyber tribes” and how these tribal affiliations influence behaviours, risk perception, and even compliance with security practices.
Read ArticleAs cyber threats become more sophisticated, organisations are coming under increasing pressure to monitor employee activity more closely. From detecting insider threats to preventing data leaks, behaviour monitoring has become a standard security policy within many organisations.
Read ArticleWhat do con artists from the 1800s and modern-day hackers have in common? More than you think. While the tools have changed, the tactics haven’t. Welcome to the age of digital deception.
Read ArticleWhile technical vulnerabilities remain important, attackers increasingly exploit human vulnerabilities through methods rooted in dark psychology: the use of manipulation, coercion, and deceit to influence behaviour for malicious gain. These tactics operate in the shadows, undetected by firewalls, unnoticed by endpoint protection, and strike at the core of human decision-making.
Read ArticleFrom a behavioural and human factors perspective, there’s one critical ingredient that matters more than any tool, training module, or policy: Psychological safety. This may sound surprising in a world dominated by technical controls, but here’s the truth: without psychological safety, even the most sophisticated cybersecurity systems are undermined by silence, fear, and inaction.
Read ArticleGlobal organisations face unique challenges due to scale, diversity, and varying maturity levels in their cybersecurity cultures. Behavioural boosting, a cognitive empowerment approach derived from behavioural science, offers a promising pathway to enhance resilience systematically and sustainably. However, a realistic approach recognises that not all employees will actively engage in ongoing microtraining, necessitating a hybrid approach.
Read Article