De nos jours, le partage de renseignements sur les cybermenaces est considéré comme nécessaire pour survivre aux cyberattaques actuelles et futures en travaillant de manière proactive. Les organisations peuvent se voir contraindre d’avoir un programme de renseignement sur les menaces et de partager leurs informations. À ce titre, les parties prenantes pourraient être tenues responsables …
La formation en cybersécurité permet aux organisations de sensibiliser leurs employés aux meilleures pratiques en matière de sécurité de l’information. La formation et la sensibilisation des employés est un domaine critique et négligé de la cybersécurité. En effet, environ 19% des entreprises canadiennes ont fourni une formation officielle pour développer ou améliorer leurs compétences liées …
Cybersecurity training allows organizations to raise awareness among employees about information security best practices. Employee training and awareness is a critical and neglected area in cybersecurity. Indeed, about 19% of Canadian businesses provided formal training to develop or upgrade their cybersecurity-related skills, and a little over half (51%) of them shared general cybersecurity practices through …
Mahreen Naisir, Fahan Mahmood and Vipul Malhortra from the University of Windsor presented their analysis of data from the Statistics Canada Cybercrime Survey at our 2019 Workshop in Ottawa. This was as part of a competition aiming to better align recent evidence and statistics with best practices for business. Participants thoroughly examined the data from …
De plus en plus d’entreprises élargissent la flexibilité de leur main-d’œuvre. Cependant, les différents types de poste au sein des organisations soulèvent des enjeux et un niveau d’engagement différents. Cela est particulièrement vrai pour les employés temporaires qui ont peu de raisons de s’engager envers leur organisation. Le respect des politiques en matière de sécurité …
More and more companies have been increasing the flexibility of their labor force. However, labor forces with different employee positions within the organization bring different stakes and level of commitment. This is particularly true with temporary employees who have little reason to be committed towards their organization. Complying with the security policies requires time and …
Security operations and secure development are critical requirements that receive significant personnel, resources, training and other kinds of attention. As best practices proliferate, there has been little empirical research as to which are most effective and why. In this talk, I will review recent empirical studies that examine in depth the utility of threat modeling, …
Les fraudes sentimentales en ligne représentent l’arnaque la plus courante et la plus lucrative au Canada. La plupart de ces fraudes impliquent des criminels qui créent de faux profils en ligne sur des sites de rencontres et des sites de réseaux sociaux pour attirer des personnes dans des relations afin de leur soutirer de l’argent. …
Online romance scams are the most common and lucrative scam in Canada. Most of these scams involve criminals creating fake online profiles on dating sites and social networking sites to draw individuals into relationships to trick them out of money. Seven hundred sixty victims in Canada reported losses of more than $22.5 million to the …
Evidence based cybersecurity is an approach aiming to support security professionals’ and policy makers’ decision-making processes regarding the deployment of security policies and tools, by calling for rigorous scientific investigations of the effectiveness of these policies and tools in achieving their goals in the wild. This approach focuses on the human players who use cyberspace …