ActiSoft Technology - Blog #RiskActiSoft Technology - Blog #Riskhttps://www.actisofttechnology.com/blogs/tag/riskThu, 23 Apr 2026 21:16:33 +0200http://zoho.com/sites/<![CDATA[How to Run a Successful Security Awareness Training Program]]>https://www.actisofttechnology.com/blogs/post/how-to-run-a-successful-security-awareness-training-programBlog courtesy of KnowBe4 Written by Stu Sjouwerman As we're now in Cybersecurity Awareness Month, thinking about how to strengthen your security awarene ]]>
Blog courtesy of KnowBe4

Written by Stu Sjouwerman

As we're now in Cybersecurity Awareness Month, thinking about how to strengthen your security awareness training program is probably top of mind.

Luckily, we've got you covered with helpful tips you can use to run a strong security awareness training program in your organisation! We asked our Security Awareness Advocates for their expert advice on questions like how to get started, how to motivate your users, and how to develop a strong security culture over time. While not an exhaustive list, here is a handy one-sheet with what they had to say:

Click here to download the full infographic

Critical components of a successful security awareness program:
    • Use good, high quality content that’s highly relevant to your users
    • Reinforce the training with regular simulated phishing attacks
    • Stay current with what is happening in real phishing attacks - mirror the topics and methods used by cybercriminals
How to motivate your users to do their training on time:
    • Lead with a carrot, not a stick! Reward users upon completion (could be a sticker, certificate, raffling off a gift card, etc.)
    • Make it a game and create healthy competition between departments or other groups
    • Get your leadership involved publicly - make sure it’s well known and seen. It will make the rest of the organisation want to follow in their footsteps
How to gain and maintain executive support for your security awareness program:
    • Speak their language: Don’t get too technical, and tie it to business objectives (risk, reputation, business benefits, profit and loss impact, etc.)
    • Address the “why” and how does it help your organisation be more successful
    • Talk about cybersecurity in the news, how it was a result of human error, and how this program will help to mitigate human error
How to measure the benefits of a successful security awareness program:
    • Track metrics like the phish-prone percentage of your organisation or number of phishing emails reported over time
    • Conduct surveys with different stakeholders to gauge their perception of the program’s success
    • Whatever you use to measure success, make sure it is defined, agreed upon and tracked
How to develop a stronger security awareness culture over time:
    • Evaluate your organisation against the 7 dimensions of security culture, and measure it against your industry’s benchmarks (we have done studies on this!)
    • Tie your security culture into your overall organisational culture so the two are not at odds
    • Understand that there is no fast track to a good security culture - by consistently following the advice above, you will develop a strong security awareness culture over time
We hope these tips can help you implement new-school security awareness training for your users. Here are more in-depth videos on our partner support site. Make sure you're prepared for Cybersecurity Awareness Month and beyond!                    

Get Your Free 2021 Cybersecurity Awareness Month Resource Kit

In today's hybrid work environment, your users are more susceptible than ever to attacks like phishing and social engineering. Cybercriminals know this and are constantly changing tactics to exploit new vulnerabilities. We've put together these resources so you can keep your users on their toes with security top of mind. Request your kit now to help your users defend against cybercrime whether they are fully remote, back in the office, or a combination of both.
Here's what you'll get:
  • Access to free resources for you including our most popular on-demand webinar and whitepaper
  • Resources to help you plan your activities, including your Cybersecurity Awareness Month Guide and Cybersecurity Awareness Weekly Planner
  • Two free training modules for your users; "Your Role: Internet Security and You" and "2021 Social Engineering Red Flags," both available in multiple languages
  • Resources to share with your users including Kevin Mitnick cybersecurity demo videos, infographics, tip sheets, awareness posters, and wallpapers
  • All assets are printable and available digitally, so they can be delivered to your users no matter where they are working from 
Get Your Free Resource Kit Now!
]]>Fri, 01 Oct 2021 15:18:27 +0000<![CDATA[Probability of Experiencing a Vendor Email Compromise Attack Increases 96%]]>https://www.actisofttechnology.com/blogs/post/probability-of-experiencing-a-vendor-email-compromise-attack-increases-96Blog courtesy of KnowBe4 Written by Stu Sjouwerman Vendor Email Compromise requires first taking control of a strategic email account within the victim ]]>
Blog courtesy of KnowBe4
Written by Stu Sjouwerman
Vendor Email Compromise requires first taking control of a strategic email account within the victim organisations. According to new data, cybercriminals are getting really good at this.

Vendor Email Compromise – an attack where an email account is actually taken over rather than simply spoofed as seen in business email compromise attacks – can have a far greater impact on the organisation. Emails coming from a threat actor-controlled legitimate email account are much harder – if not impossible – to discern as being malicious in nature.
According to new data in Abnormal Security’s Q3 2021 Email Threat Report, email account takeovers are rising in both number and success rates:
    • The chance of experiencing a VEC attack has risen 96% over the last 12 months
    • Mid-sized companies are 43% likely to have at least one account takeover per quarter
    • Enterprises with 50K+ employees are 60% likely to be a victim of account takeover
    • The C-Suite is the most targeted group, at three times than VPs – the next targeted group
    • 14% of account takeovers occur at department head levels within organizations
    • The average request in a VEC attack is $183,000, with the highest documented being $1.6 million

With the potential for VEC attacks to cost organisation’s millions annually, it’s first imperative to protect email accounts from the possibility of account takeover using multi-factor authentication and zero trust solutions that scrutinise requests to access email. It’s equally important to educate users involved with the organisation’s finances using Security Awareness Training to maintain a sense of vigilance – even when a request comes from a legitimate source. It’s necessary to validate any unexpected requests using a separate communication medium to ensure the person believed to be asking is actually doing so.

Request A Demo: KCM GRC

The new KCM GRC platform helps you get your audits done in half the time, is easy to use, and is surprisingly affordable. No more: "UGH, is it that time again!" 
With KCM GRC you can:
    • Reduce the amount of time and money required to easily manage your compliance, risk and audit requirements
    • Automate reminders so you can quickly see what tasks have been completed, not met, and are past due
    • Simplify risk management with an intuitive interface simple workflow based on NIST 800-30.
    • Efficiently manage your third-party vendor risk requirements
    • Quickly implement compliance and risk assessment processes using KnowBe4's pre-built requirements and assessment templates
Request Your Demo!
]]>Mon, 20 Sep 2021 14:51:00 +0000<![CDATA[Enterprise Organisations Have as Much as an 85% Chance of Receiving a BEC Attack Every Week]]>https://www.actisofttechnology.com/blogs/post/enterprise-organizations-have-as-much-as-an-85-chance-of-receiving-a-bec-attack-every-weekBlog courtesy of KnowBe4 Written by Stu Sjouwerman Business Email Compromise is a multi-billion dollar business, representing 43% of all cybercrime last ]]>
Blog courtesy of KnowBe4

Written by Stu Sjouwerman

Business Email Compromise is a multi-billion dollar business, representing 43% of all cybercrime last year. Despite it being dwarfed in the news by ransomware, it represents a growing and consistent threat.

We’ve seen recent rises in BEC activity – along with a number of other cyberattacks – in both frequency and cost. But BEC tends to get lost in the shuffle; particularly when ransomware news has ransoms in the millions of dollars and seems to happen every day. But BEC is just as impactful a cyberattack and, from the latest data, seems to be happening quite frequently.

Keep in mind that most BEC attacks are limited in scope to the one and only CFO in your organisation or a small group of individuals in the finance department. The good news is as the organisation grows, the number of BEC attacks won’t necessarily increase. The bad news is that threat actors only need to focus on a few people to be successful.
In addition to enterprises having a high probability of attack, according to Abnormal Security’s Q3 2021 Email Threat Report, businesses of every size are at risk:

    • Small organisations under 500 employees have a 42% probability of receiving a BEC attack each week
    • Mid-sized organisations, a 60-70% chance

Part of this growth is the expansion in operational methods used by cybercriminal groups seen on the dark web. Posts on cybercrime forums have been spotted that attempt to recruit or outsource functions related to BEC scams – particularly those looking for native-English speakers to help improve the credibility and efficacy of social engineering elements in BEC attacks.

Because BEC relies pretty heavily on social engineering and spoofing companies, domains, and/or an individual, putting employees through Security Awareness Training is an effective way to minimise the threat surface of phishing attacks and stop BEC attacks before they have an opportunity to make an organisation a victim.

Can hackers spoof an email address of your own domain?

Are you aware that one of the first things hackers try is to see if they can spoof the email address of your CEO? If they are able to commit "CEO Fraud", penetrating your network is like taking candy from a baby.

Now they can launch a "CEO fraud" spear phishing attack on your organisation, and that type of attack is very hard to defend against, unless your users are highly ‘security awareness’ trained.

Find out now if your domain can be spoofed. The Domain Spoof Test (DST) is a one-time free service. Run this test so you can address any mail server configuration issues that are found.
Try To Spoof Me!
]]>Mon, 20 Sep 2021 08:31:00 +0000<![CDATA[U.K. Organisations See Double the Number of Ransomware Attacks in the First Half of 2021]]>https://www.actisofttechnology.com/blogs/post/u.k.-organisations-see-double-the-number-of-ransomware-attacks-in-the-first-half-of-2021Blog courtesy of KnowBe4 Written by Stu Sjouwerman New analysis of ransomware incidents reported to the UK's Information Commissioner's Office (ICO) in ]]>
Blog courtesy of KnowBe4

Written by Stu Sjouwerman

New analysis of ransomware incidents reported to the UK's Information Commissioner's Office (ICO) in the first half of 2021 show a massive rise when compared to 2020.

Utilising incident data reported to the ICO, British cyber security organisation CybSafe has determined that 22% of all cyber incidents in the first six months of 2021 were attributed to ransomware attacks. This is double the 11% found in the first half of 2020.

This doubling of the number of reported attacks is troubling, but not surprising, as 35% of all U.K. businesses experience ransomware attacks (with the global average being 37%), according to Sophos’ State of Ransomware 2021 report. 
Additionally, 63% of U.K. businesses affected by ransomware reported their organisations' brand was negatively impacted, according to CyberReason’s Ransomware: The True Cost To Business report, making ransomware a legitimate threat to business longevity in the U.K.

CybSafe’s analysis found that phishing was the primary cause of all cyber breaches reported to the ICO in the first half of this year, making up 40% of all successful attacks. Phishing continues to be a thorn in cybersecurity’s side, with some percentage of attacks finding their way past security solutions and into the Inbox where an unsuspecting user is fooled into clicking on malicious links and attachments.

It’s only through continual Security Awareness Training that users will elevate their state of vigilance, always being on the lookout for malicious content and reducing whatever threat surface remains by the time an attack reaches the Inbox.

Free Ransomware Simulator Tool

Threat actors are constantly coming out with new strains to evade detection. Is your network effective in blocking all of them when employees fall for social engineering attacks?


KnowBe4’s "RanSim" gives you a quick look at the effectiveness of your existing network protection. RanSim will simulate 22 ransomware infection scenarios and 1 cryptomining infection scenario and show you if a workstation is vulnerable.
Here's how it works:


    • 100% harmless simulation of real ransomware and cryptomining infections
    • Does not use any of your own files
    • Tests 21 types of infection scenarios
    • Just download the install and run it 
    • Results in a few minutes!
Get RanSim!
]]>Tue, 31 Aug 2021 07:28:00 +0000<![CDATA[Defending Against Ransomware Attacks Should Start (and Can End) With Security Awareness Training]]>https://www.actisofttechnology.com/blogs/post/defending-against-ransomware-attacks-should-start-and-can-end-with-security-awareness-trainingBlog courtesy of KnowBe4 Written by Stu Sjouwerman The world’s most dangerous, expensive, and impactful cyb ]]>
Blog courtesy of KnowBe4

Written by Stu Sjouwerman

The world’s most dangerous, expensive, and impactful cyberattack can potentially be stopped with little more than a conscientious user who is paying attention.

It feels like every year I need to be saying “this year is the year of ransomware”. Every year the attacks become more frequent, the number of players increase, the ransom demands get larger, and the payouts reach new unprecedented levels.               


Most cybersecurity strategies focus on layering in security solutions that prevent, detect, and respond to any kind of malware-based attacks – which includes ransomware. One aspect of the attack chain that can have a material impact on the effectiveness of your ransomware defence is the very prevalent human element. In most cases, phishing attacks are the primary initial attack vector, causing your users to stand squarely in between the ransomware attack and your organisation.

No single security solution can stop every attack, so it makes sense that because ransomware gangs – in part – require users to interact with malicious email content to enable an attack, educating those users via Security Awareness Training to spot an attack to stop it from ever continuing.

So, your ransomware defence strategy should start with Security Awareness Training because you have no guarantee that the next attack will be stopped by solutions. But a user can make the difference between a boring normal workday and one where your entire operations has come to a screeching halt.                

Free Ransomware Simulator Tool

Threat actors are constantly coming out with new strains to evade detection. Is your network effective in blocking all of them when employees fall for social engineering attacks?


KnowBe4’s "RanSim" gives you a quick look at the effectiveness of your existing network protection. RanSim will simulate 22 ransomware infection scenarios and 1 cryptomining infection scenario and show you if a workstation is vulnerable.
Here's how it works:


    • 100% harmless simulation of real ransomware and cryptomining infections
    • Does not use any of your own files
    • Tests 21 types of infection scenarios
    • Just download the install and run it 
    • Results in a few minutes!
Get RanSim!
]]>Fri, 20 Aug 2021 13:45:50 +0000<![CDATA[Can the Microsoft 365 Platform Be Trusted to Stop Security Breaches?]]>https://www.actisofttechnology.com/blogs/post/defending-against-ransomware-attacks-should-start-and-can-end-with-security-awareness-training1Blog courtesy of KnowBe4 Written by Stu Sjouwerman Lax security policies, a lack of security measures and solutions in place, and an expectation that Mi ]]>
Blog courtesy of KnowBe4
Written by Stu Sjouwerman
Lax security policies, a lack of security measures and solutions in place, and an expectation that Microsoft will address any security issues is putting organisations at risk.

Microsoft has gone to great lengths to ensure their Microsoft 365 platform offers modern security measures to keep their customers' data safe. But according to new data from cloud email security provider Hornet Security, 25% of organisations have reported a known email-based security breach, and it begs the question “why?”
According to Hornet Security, a lot of the issue resides with organisations not taking advantage of security features – whether from Microsoft or a third-party:
    • 33% of organisations are not using Microsoft’s multi-factor authentication (MFA)
    • Of those using MFA, 55% of organisations are not using Conditional Access which scrutinizes connection requests beyond just providing credentials and additional authentication factors
    • Only 43% leverage Microsoft’s data loss prevention policies to keep data from leaving the organisation
    • 68% of organisations expect Microsoft to keep email safe from threats

What’s interesting is that almost none of these features (with the exception of MFA) address the core issue – phishing and compromised credentials. For every organisation that has experienced a security breach, there’s a phishing email riddled with social engineering tactics and, more importantly, a recipient user who engages and activates attacker’s malicious content.

It’s imperative that organisations recognise the need to follow the attack kill chain and see one of the weakest links is the user who unwittingly enables threat actors by falling for phishing scams. Users that undergo continual Security Awareness Training are better equipped on a daily basis to see phishing attacks for what they really are and keep the organization safe by not playing their role in an email-based attack.

Request A Demo: Security Awareness Training

New-school Security Awareness Training is critical to enabling you and your IT staff to connect with users and help them make the right security decisions all of the time. This isn't a one and done deal, continuous training and simulated phishing are both needed to mobilise users as your last line of defence. Request your one-on-one demo of KnowBe4's security awareness training and simulated phishing platform and see how easy it can be!

Save My Spot!
]]>Fri, 20 Aug 2021 13:45:50 +0000<![CDATA[Ransomware Attacks This Year Are Already Higher Than 2020]]>https://www.actisofttechnology.com/blogs/post/ransomware-attacks-this-year-are-already-higher-than-2020Blog courtesy of KnowBe4 Written by Stu Sjouwerman According to the 2021 Cyber Threat Report by SonicWall, 304.7 million ransomware attacks occurred in ]]>
Blog courtesy of KnowBe4

Written by Stu Sjouwerman

According to the 2021 Cyber Threat Report by SonicWall, 304.7 million ransomware attacks occurred in the first half of 2021, already surpassing the total number of ransomware attacks for all of 2020 with 304.6 million (a 151% increase YTD).

The increase in ransomware attacks are due to the shift to remote work, allowing threat actors to take advantage. 

In a statement by SonicWall CEO, Bill Conner, commented “In a year driven by anxiety and uncertainty, cybercriminals have continued to accelerate attacks against innocent people and vulnerable institutions. This latest data shows that sophisticated threat actors are tirelessly adapting their tactics and embracing ransomware to reap financial gain and sow discord."
The spikes in volume of ransomware have occurred in the US at a rate of 185% and 144% in the UK. The top industries being targeted are government (917%), education (615%), healthcare (594%), and retail (264%) companies. June 2021 was the worst month with SonicWall reporting 78.4 million registered ransomware attacks. 

These alarming stats should be a warning for your organisation. One malicious email could cost your organisation millions. It's important to utilise additional security layers to prevent an attack from ever occurring. The most recommended method is implementing new-school security awareness training to ensure your employees know how to spot and report any suspicious activity. 

TechRadar Pro has the full story

Free Ransomware Simulator Tool

Threat actors are constantly coming out with new strains to evade detection. Is your network effective in blocking all of them when employees fall for social engineering attacks?


KnowBe4’s "RanSim" gives you a quick look at the effectiveness of your existing network protection. RanSim will simulate 22 ransomware infection scenarios and 1 cryptomining infection scenario and show you if a workstation is vulnerable.
Here's how it works:


    • 100% harmless simulation of real ransomware and cryptomining infections
    • Does not use any of your own files
    • Tests 21 types of infection scenarios
    • Just download the install and run it 
    • Results in a few minutes!
Get RanSim!
]]>Wed, 04 Aug 2021 07:39:00 +0000<![CDATA[Two of the Most Common and Successful Ransomware Attack Methods are Exposed]]>https://www.actisofttechnology.com/blogs/post/two-of-the-most-common-and-successful-ransomware-attack-methods-are-exposedBlog courtesy of KnowBe4 Written by Stu Sjouwerman Researchers at Coveware recently analysed ransomware attacks during Q2 of this year and noticed a sim ]]>
Blog courtesy of KnowBe4

Written by Stu Sjouwerman

Researchers at Coveware recently analysed ransomware attacks during Q2 of this year and noticed a similar trend in ransomware attack methods by cybercriminals. These are the two ransomware attack methods that are gaining popularity by ransomware gangs: 

  • Email Phishing Attacks - The most common form of a cyberattack. Cybercriminals are including a malicious attachment in the phishing emails that contain ransomware. Coveware reported that this method has been prevalent in 42% of known ransomware attacks. 

  • Brute Force Attacks - This type of attack specifically focuses on remote desktop protocol services (RDP). They brute force weak or default usernames and passwords to gain access. This type of attack is also accounting for 42% of known ransomware attacks. 
Cybercriminals gravitate to these methods because they are low-cost to carry out while also being effective. They're also very simple to execute and, if successful, can open doors to your whole network. 

Ransomware groups have only gotten stronger with REvil being responsible for the infamous Kaseya hack and Conti against the Irish healthcare system. There are new ransomware groups that will come through the shadows in the near future and will be even more powerful than these well-known ransomware groups. 

To help protect your organisation's network you can take additional security measures such as multi-factor authentication, frequent software updates and patches, and most importantly, implement new-school security awareness training. Your users are the essential layer of protection to stop malicious attacks from ever occurring! 

ZDNet has the full story.

Free Ransomware Simulator Tool

Here's how it works:


    • 100% harmless simulation of real ransomware and cryptomining infections
    • Does not use any of your own files
    • Tests 21 types of infection scenarios
    • Just download the install and run it 
    • Results in a few minutes!
Get RanSim!
]]>Tue, 03 Aug 2021 08:59:00 +0000<![CDATA[77% of Organisations Are Unable to Access Systems or Networks Post-Ransomware Attack]]>https://www.actisofttechnology.com/blogs/post/77-of-organisations-are-unable-to-access-systems-or-networks-post-ransomware-attackBlog courtesy of KnowBe4 Written by Stu Sjouwerman The fallout after a ransomware attack is more devastating than previously thought. New data spells ou ]]>
Blog courtesy of KnowBe4

Written by Stu Sjouwerman

The fallout after a ransomware attack is more devastating than previously thought. New data spells out what you should really expect after being hit with ransomware.

When we consider what happens after a ransomware attack, we normally think about remediation steps - recovering from backup, dealing with the data breach, addressing any public-facing issues, etc. But new data from Keeper Security’s 2021 Ransomware Impact Report highlights some of the forgotten impacts to an organisation’s productivity post-attack:
    • Over three-quarters (77%) were unable to access needed systems or networks
    • 28% of outages lasted over a week
    • 26% of organisations were unable to fully perform job duties for at least a week
    • 33% faced difficult learning curves around new protocols
    • 21% were unable to access online tools and applications normally used
    • 36% of user had limited access to IT support for non-security related issues

According to Keeper Security, 42% of ransomware attacks begin with a phishing email, 23% from a malicious website, and 21% from a compromised password. In each of these cases, social engineering tactics are used to trick users into engaging with content in email and on the web. Users that undergo continual Security Awareness Training are able to differentiate between legitimate and suspicious/malicious content and avoid engaging with malicious links and attachments that are the initial action that results to a ransomware attack.

It’s evident, organisations suffer materially after a ransomware attack. It’s the very reason why it’s so important to take steps to ensure one never happens in your organisation.

Free Ransomware Simulator Tool

Threat actors are constantly coming out with new strains to evade detection. Is your network effective in blocking all of them when employees fall for social engineering attacks?


KnowBe4’s "RanSim" gives you a quick look at the effectiveness of your existing network protection. RanSim will simulate 22 ransomware infection scenarios and 1 cryptomining infection scenario and show you if a workstation is vulnerable.
Here's how it works:


  • 100% harmless simulation of real ransomware and cryptomining infections
  • Does not use any of your own files
  • Tests 21 types of infection scenarios
  • Just download the install and run it 
  • Results in a few minutes!
Get RanSim!
]]>Mon, 02 Aug 2021 07:44:00 +0000<![CDATA[Warning: A New Ransomware Cartel Has Formed Sharing Techniques, Code, and Infrastructure]]>https://www.actisofttechnology.com/blogs/post/warning-a-new-ransomware-cartel-has-formed-sharing-techniques-code-and-infrastructureBlog courtesy of KnowBe4 Written by Stu Sjouwerman In a new twist, security researchers at Analyst1 have identified four Russian ransomware gangs that a ]]>
Blog courtesy of KnowBe4

Written by Stu Sjouwerman

In a new twist, security researchers at Analyst1 have identified four Russian ransomware gangs that actively work together to coordinate attacks, data leaks, and more.

It’s bad enough when there’s one threat actor attacking your organisation. But when it’s four cybercriminal gangs working together to share best practices, code, infrastructure, techniques, and more, it spells doom for their victims. New research from threat intelligence vendor Analyst1 combines months of research, analysis, tracking, cross-referencing, and more of ransomware gang activity, bringing to light a new ransomware cartel.
According to Analyst1, four ransomware gangs in specific are part of this new cartel:
    • Twisted Spider (who use Maze and Egregor)
    • Viking Spider (Ragnar Locker)
    • Wizard Spider (Ryuk and Conti)
    • The Lockbit Gang (Lockbit)

Some of the notable ties between these gangs, demonstrating the cartel-like interactions include:
    • Sharing of victim data & leak sites – in some cases, one gang steals the data and then uses another gang to perform the extortion and publishing
    • Sharing of infrastructure – multiple gangs have used identical IP addresses for C2 servers
    • Adopting each other’s tactics – an example is them all adopting the use of virtual machines in the victim environment (something originally mastered by Viking Spider)
    • They all have claimed affiliation to the cartel

This cartel demonstrates what’s coming next; more sharing between gangs and I would assume some sort of “anti-threat intelligence” about security solutions.

The only light at the end of the tunnel is the need by these gangs to have your users interact and engage with phishing emails – something a solid education using Security Awareness Training will counteract and, therefore, stop attacks before they can do damage.

Free Ransomware Simulator Tool

Here's how it works:


    • 100% harmless simulation of real ransomware and cryptomining infections
    • Does not use any of your own files
    • Tests 21 types of infection scenarios
    • Just download the install and run it 
    • Results in a few minutes!
Get RanSim!
]]>Wed, 28 Jul 2021 16:19:16 +0000