awareness training Archives - Jean-Christoph von Oertzen

Ransomware Resilience Starts in the Mind: Overcoming Cognitive Biases and Decision-Making Errors in Cybersecurity

jean-christoph — Sun, 09 Feb 2025 18:52:45 +0000

Why We Keep Losing Despite Stronger Security Controls Over the past three years, businesses have almost doubled their confidence in cybersecurity—rising from 32% in 2021 to 54% in 2024 (The Global Cost of Ransomware Study, 2025). Despite this, ransomware’s impact has only grown: 40% of affected companies suffered significant revenue losses, 58% experienced operational downtime, […]

The post Ransomware Resilience Starts in the Mind: Overcoming Cognitive Biases and Decision-Making Errors in Cybersecurity appeared first on Jean-Christoph von Oertzen.

European Cybersecurity Awareness Month: Key Takeaways for a Safer Digital Future

jean-christoph — Mon, 02 Dec 2024 23:16:02 +0000

October is synonymous with the European Cybersecurity Awareness Month (ECSM), a time when cybersecurity professionals around the world unite to promote awareness and share valuable insights. Throughout this month, I shared a series of LinkedIn posts that highlighted various facets of cybersecurity, including password managers, multifactor authentication (MFA), the dangers of phishing, and the revolutionary […]

The post European Cybersecurity Awareness Month: Key Takeaways for a Safer Digital Future appeared first on Jean-Christoph von Oertzen.

Boosting Cybersecurity in German SMEs with Gamification and Serious Play

jean-christoph — Wed, 01 May 2024 13:14:14 +0000

TL;DR Gamified cybersecurity training offers an engaging and effective way to improve security awareness and practices within German SMEs. The ALARM Information Security project demonstrates the success of integrating gamification into training, enhancing retention and understanding of cybersecurity principles. By leveraging customized game scenarios, regular workshops, and participatory feedback loops, SMEs can bolster their cybersecurity […]

The post Boosting Cybersecurity in German SMEs with Gamification and Serious Play appeared first on Jean-Christoph von Oertzen.

Ethical considerations in phishing tests: to inform employees or not?

jean-christoph — Sat, 13 Jan 2024 12:25:55 +0000

TL;DR This article delves into the ethical considerations in phishing tests, highlighting the balance needed between conducting realistic simulations and maintaining fairness in cybersecurity training. This article explores the complexities of conducting phishing simulations in the workplace. Key takeaways include the importance of transparency in fostering a positive security culture, building trust through clear communication, […]

The post Ethical considerations in phishing tests: to inform employees or not? appeared first on Jean-Christoph von Oertzen.

Summary of a LinkedIn Post Series: Ideas and Insights for Effective Security Awareness in Cybersecurity Awareness Month

jean-christoph — Mon, 27 Nov 2023 08:34:39 +0000

Introduction Welcome to a summary overview of my LinkedIn posts published during the Cybersecurity Awareness Month in October 2023. Throughout this month, I delved deeply into the topic of security awareness, sharing valuable insights and strategies to enhance awareness in businesses. This article summarizes the key aspects of my discussions and highlights the importance of […]

The post Summary of a LinkedIn Post Series: Ideas and Insights for Effective Security Awareness in Cybersecurity Awareness Month appeared first on Jean-Christoph von Oertzen.

Why your security team needs more than just tech skills

jean-christoph — Fri, 06 Jan 2023 13:10:34 +0000

Human error is the leading cause of data breaches. According to the 2022 Verizon Data Breach Incident Report, 82% of breaches in 2022 involved the human element. People have become the primary attack vector. But, according to the SANS 2022 Security Awareness Report, the status quo in most security teams is a 10 to 1 […]

The post Why your security team needs more than just tech skills appeared first on Jean-Christoph von Oertzen.

Event takeaway: Deutscher IT-Security Kongress

jean-christoph — Thu, 07 Oct 2021 19:09:39 +0000

My key takeaways hardening backup systems is key disconnected from the AD designed in a way, that it may continue functioning even if all other systems are shut down due to testing and verification of software patches in most B2B environments before rollout, the time a system remains unpatched is prolonged more time for the […]

The post Event takeaway: Deutscher IT-Security Kongress appeared first on Jean-Christoph von Oertzen.

WEBINAR TAKEAWAY: When the Bad Guys Hide in Plain Sight: Hacking Platforms You Know and Trust

jean-christoph — Wed, 09 Dec 2020 20:40:43 +0000

MY KEY TAKEAWAYS already 20 years ago, Kevin Mitnick testified before US Senate and highlighted social engineering and the need for training. Still today changing human behaviour is most times the weakest point. threat actors have almost unlimited time to do extensive research before an attack, so they are extremly good at buidling the trust […]

The post WEBINAR TAKEAWAY: When the Bad Guys Hide in Plain Sight: Hacking Platforms You Know and Trust appeared first on Jean-Christoph von Oertzen.