by Lisa Forte | Nov 25, 2021 | Cyber Exercise
We talk a lot about handling the initial car crash of a breach. What to do first, the comms that need to go out and the reporting to regulators. This all happens within the first few hours or days of a breach being discovered. What about after that? Last week I ran... 
by Piers Shearman | Oct 19, 2021 | Social Engineering
A high tech vishing attack utilising voice cloning has lost a UAE bank 35 Million USD. What happened? According to the court documents: the Victim Company’s branch manager received a phone call that claimed to be from the company headquarters. The caller sounded like... 
by GoatSiteAdmin | Aug 19, 2021 | Insider Threat, Social Engineering
Lisa Forte’s Defcon 2021 talk on social engineering and insider threat. Transcript to... 
by Lisa Forte | Jul 5, 2021 | Cyber Exercise
The Gold-Silver-Bronze or ‘GSB’ command structure was rooted in and developed heavily by the UK emergency services. It was designed to establish a clear hierarchical framework and operational clarity for the command of major incidents or disasters. It is now used by... 
by Piers Shearman | Apr 27, 2021 | Insider Threat
What happened? An engineer who worked for Coca Cola and other manufacturers is alleged to have stolen valuable trade secrets in order to set up her own company in China using the stolen technology. Xiarong You has been accused of insider theft and economic espionage... 
by Lisa Forte | Mar 25, 2021 | Insider Threat
Tesla Insider Threat Case Study According to the official Filing, Tesla is suing a former employee and software engineer named Alex Khatilov alleging trade secret theft and breach of contract. What actually happened? Khatilov was hired by Tesla in to work on... 
by GoatSiteAdmin | Mar 9, 2021 | Cyber Exercise
CEO Digital Show This week Lisa was on the CEO Digital show discussing Wargaming, Cyberattacks, Protecting Against Romance Fraud, & ‘Astronaut Thinking’ in Leadership. Key points (according to the podcast) We heard about Lisa’s experience coming into a... 
by Piers Shearman | Jan 20, 2021 | Social Engineering
TV Licence Phishing Emails In the UK a licence is required to watch live TV in the home. With lockdown continuing and people’s reliance on entertainment increasing, It is unsurprising that in the UK, criminals have increased the amount of tv licence phishing emails... 
by Piers Shearman | Nov 18, 2020 | Social Engineering
Vishing (voice phishing) is a type of phone fraud which use social engineering to extract information or credentials from a victim. Attackers often use a pretext to misrepresent their authority or position in order to trick the victim into compliance. Attackers... 
by Lisa Forte | Oct 12, 2020 | General
Getting your staff to change their security behaviour It is often submitted that fear is bad. Actually, from a behavioural science perspective we know fear is the most effective tool for stimulating behavioural change. Fear of crime is necessary but not sufficient to... 