The people factor is still the biggest variable in cyber resilience. Firewalls, EDR, and Zero Trust help, but everyday choices shape outcomes. The top ways employees make their employer vulnerable often come down to habits formed under pressure: clicking quickly, sharing widely, and trusting implicitly. Understanding those patterns — and changing them at scale — requires focusing on human risk...

Human error now plays a role in 95 percent of data breaches, making it more critical than ever for security teams to treat it as the substantial threat it is. In some cases, employees intentionally expose sensitive data for personal gain. But the most pervasive insider threats aren’t malicious — they’re accidental. This challenges the notion that an organization can become invulnerable if only it...

It was the most significant breach ever reported, but its origins were not uncommon. The 2024 Change Healthcare ransomware attack, which affected 190 million individuals and came with a price tag of $2.6 billion (and counting), started with an unauthorized intrusion.We spend billions of dollars annually on the best cybersecurity equipment innovated to date, but more and more, attackers are skating...

What Is a Purple Team?In cybersecurity, a purple team is a group that combines offensive red team capabilities with defensive blue team insights to provide a truly collaborative, well-balanced security posture. “Purple teaming” is more than a work group; it should be a philosophy.If you’re familiar with offensive security, red and blue team structures are well known. To review:Red Teams: Perform...

MedusaLocker, the ransomware-as-a-service (RaaS) group that has been active since 2019 is openly recruiting for penetration testers to help it compromise more businesses. As Security Affairs reports, MedusaLocker has posted a job advert on its dark web leak site, which pointedly invites pentesters who already have direct access to corporate networks to make contact."If you don't have access,...

Cybersecurity experts from over 70 countries share their insights, candor, and challenges when it comes to raising the level of cybersecurity awareness in their organizations. Learn how Fortra’s Terranova Security can help.

It is the largest phishing simulation in the world: Fortra’s Terranova Security’s yearly Gone Phishing Tournament (GPT) tests over 1.37 million end users across 142 countries and 31 languages. The results don’t lie – but this year they may be surprising.