Here's a curious thing about people, sometimes we crave the familiar, and sometimes we demand the novel.

Think about your digital spaces. You’ve got your corporate email, which we all treat a bit like a high-security bank vault. We approach it with caution, we're suspicious of unfamiliar senders, and we’re primed to spot a dodgy attachment. Then, you have WhatsApp. That’s the digital equivalent of your living room. It’s comfy, familiar, and filled with people you (mostly) trust. Our guard is down.

In recent weeks, the UK government has announced the introduction of its new Cyber Security and Resilience Bill.

The integration of artificial intelligence into the modern workplace represents a paradigm shift in productivity and innovation.

We’ve come a long way. We’ve deconstructed the problem, explored the complexity of humans, and laid out a strategic framework and a practical map—all of which can be explored in more detail in our Human Risk Management (HRM) whitepaper.

The conversation about AI in cybersecurity is missing the point. While the industry has been focused on the emergence of AI-generated phishing emails, perhaps a far more profound shift has been somewhat ignored. 

Welcome back. We have our DEEP framework which was explored in the previous blog post, and discussed in depth in our most recent human risk management (HRM) whitepaper, but a framework is only useful if we can apply it.

The problem is, we don't have "users." We have a complex collection of individuals, each with different motivations, pressures, and levels of security savvy. A one-size-fits-all approach is doomed to fail.

As cyber threats continue to evolve at breakneck speed, staying ahead of the curve isn't just important, it's essential.

In our previous blog post, we discussed the behavioral science behind why people click on malicious links.

Welcome back. In our last blog post, we talked about the great divide between tech-focused and people-focused security.

Let’s be brutally honest. For years, our industry has been locked in a civil war. In one camp, the technologists have been building higher walls and smarter traps, arguing that the right AI-powered, next-gen firewall will solve all our problems.

Many years ago, a friend of mine worked as a security director at a firm and had what they called an “audit box.” It was a pre-prepared box filled with policies, network diagrams, security controls and checkboxes.