Guarantees
Our post

Resources and Insights

The latest cyber security news, interviews, technologies, and resources.
The Psychology of Phishing Defenses: A No-Bull Look at Three CISOs
Educational

The Psychology of Phishing Defenses: A No-Bull Look at Three CISOs

Think all CISOs are created equal? Think again. Last week, I got up close and personal with three Fortune 500 CISOs, and what I found was a cybersecurity circus. From punitive drill sergeants to overconfident gamblers, the range was staggering. But there was one Visionary who stood out. Dive into this no-holds-barred account that exposes the glaring gaps in cybersecurity thinking and why psychology can't be ignored!
JOSHUA CRUMBAUGH
JOSHUA CRUMBAUGH
September 2, 2023
Drop Phish Click Rates Below 1% - GUARANTEED With PhishFirewall!
Company News

Drop Phish Click Rates Below 1% - GUARANTEED With PhishFirewall!

Tired of phishing attempts slipping through the cracks? At PhishFirewall, we don't just promise security; we deliver it. With our ironclad guarantee, we’ll bring your phish click rates below 1% within 6 months. But hey, why stop at 1% when our clients average a stunning 0.48% click rate after just four months on the system? Now that's a guarantee worth talking about!
JOSHUA CRUMBAUGH
JOSHUA CRUMBAUGH
August 30, 2023
The Cost of a Data Breach
Educational

The Cost of a Data Breach

Data breaches are becoming increasingly common occurrences, but they are also increasingly expensive. According to a recent report by IBM and the Ponemon Institute, the average cost of a data breach was estimated to be $3.86 million in 2020. This includes recovery costs, disruption to business operations, and reputational damage, as well as myriad other financial losses. Companies should strive to protect their data and information assets in order to avoid such a costly event.
MARK PETROFF
MARK PETROFF
August 2, 2023
A Positive Security Awareness Training Program Reduces Insider Cyber Threats
Educational

A Positive Security Awareness Training Program Reduces Insider Cyber Threats

The vast majority of employees do their level best to exercise due diligence and protect a company’s digital assets. However, many employees lack the necessary training, and The effectiveness of security awareness training efforts is largely dependent on how employees perceive the program. If staff members view it as another task that reduces their productivity and leads to more stress, they are likely to treat it like an unwelcome chore. That’s why positive employee attitudes are the bedrock of successful cybersecurity programs.
JOSHUA CRUMBAUGH
JOSHUA CRUMBAUGH
August 2, 2023
2022 Election Cyber Security
Educational

2022 Election Cyber Security

The approach of the US election season is a good time to reflect on cyber threats to our political process, particularly from foreign state adversaries due to their vast resources, advanced capabilities, and malign intent. Cyber threats to our election system also come from other sources, such as hacktivists and criminal organizations, but while they too can create problems, they are not on the same scale or level of competence as those posed by autocratic states like China, Russia, and Iran.
GREGORY SIMS
GREGORY SIMS
August 2, 2023
Top 5 Cognitive Biases Used by Social Engineers
Educational

Top 5 Cognitive Biases Used by Social Engineers

Phishing attacks are a common form of cybercrime that rely on psychological manipulation to trick victims into giving away sensitive information or funds. These attacks often use cognitive biases, which are mental shortcuts that people use to make decisions quickly and easily. Here are the top five cognitive biases used in phishing attacks, along with examples of what the phish might look like for each bias.
JOSHUA CRUMBAUGH
JOSHUA CRUMBAUGH
August 2, 2023
2023 CyberSecurity Predictions: An Escalation of Cyber Warfare
Cyber News

2023 CyberSecurity Predictions: An Escalation of Cyber Warfare

The threat from nation state threat actors will loom much larger in 2023 as the gloves come off between the market-based democracies and authoritarian adversaries like China, Russia, and Iran. Up to now the narrative about cybersecurity has mostly centered on criminal threats. Next year will bring greater attention to state-conducted and state-sponsored cyber espionage efforts and infrastructure attacks.
GREGORY SIMS
GREGORY SIMS
August 2, 2023
Punishment to Partnership: Improve Your Phishing Simulations
Educational

Punishment to Partnership: Improve Your Phishing Simulations

One of the most common features of phishing simulations within the enterprise is landing pages that are designed to determine if users will type in their credentials. At first glance, this might seem like a good idea for identifying vulnerable employees. However, it’s actually a form of exploitation that can lead to a punitive culture within the organization.
CRYSTAL FONTAINE
CRYSTAL FONTAINE
August 2, 2023
You better watch out. Holiday Cyber Grinches are about.
Educational

You better watch out. Holiday Cyber Grinches are about.

Cyber crime is on a historic rise this year, and that means you and your employees are also more vulnerable than ever to emerging cyber threats. This Cyber Monday, making sure your workforce, remote and otherwise, understand online shopping safety basics should be a top cybersecurity priority for your organization. According to February 2022 Gallup survey, 42% of US employees have a hybrid work schedule, and 39% work entirely from home, increasing the odds that your employees are doing more online shopping on-the-clock than ever before.
JOE LAHART
JOE LAHART
August 2, 2023
Unzipping a New Era of Cybersecurity Threats: The '.zip' Domain
Educational

Unzipping a New Era of Cybersecurity Threats: The '.zip' Domain

This comprehensive article explores phishing and deceptive URL use in cybercrime, with a spotlight on Google's newly introduced .zip and .mov domains. It includes analysis of domain registration data, potential misuse of new domains, and offers phishing prevention best practices. The piece is a critical read for anyone seeking to understand the evolving landscape of cybersecurity threats.
JOSHUA CRUMBAUGH
JOSHUA CRUMBAUGH
August 2, 2023
Kindness as a Strategy: A New Approach to Security Awareness
Educational

Kindness as a Strategy: A New Approach to Security Awareness

It's time to revolutionize security awareness programs by embracing the Carrot-First approach, which focuses on positive reinforcement, empathy, and respect. This methodology fosters collaboration, shared responsibility, and a culture of security that nurtures learning and behavior change. By ditching punitive methods and prioritizing kindness in cybersecurity training, organizations can create a more effective and resilient security culture.
JOSHUA CRUMBAUGH
JOSHUA CRUMBAUGH
August 2, 2023
Revolutionizing Digital Learning: NoLMS AI Driven Methodology Explained
Educational

Revolutionizing Digital Learning: NoLMS AI Driven Methodology Explained

The landscape of education and training is ripe for change, and NoLMS, with its AI-driven, personalized, and engaging approach to learning, is poised to lead this revolution.
JOSHUA CRUMBAUGH
JOSHUA CRUMBAUGH
August 2, 2023
Don't Let Third-Party Cloud Threats Steal Your Sunshine
Educational

Don't Let Third-Party Cloud Threats Steal Your Sunshine

Learn how to protect your business from potential security risks posed by third-party cloud services. Our comprehensive guide provides insights into identifying these threats and implementing robust security measures to safely leverage the benefits of cloud computing. Stay alert, be prepared, and keep your business secure in the digital skies.
CRYSTAL FONTAINE
CRYSTAL FONTAINE
August 2, 2023
Overcoming Phishing: 5 Mistakes to Avoid in Your Security Awareness Training
Educational

Overcoming Phishing: 5 Mistakes to Avoid in Your Security Awareness Training

Overcoming phishing threats requires a shift in mindset and approach to security awareness training. By avoiding common mistakes, such as victim blaming, focusing on timely training, providing constructive feedback, prioritizing education over punishment, and utilizing micro-content, organizations can create a resilient cyber culture. Embracing PhishFirewall's pioneering solutions, like their innovative noLMS approach, gamified training, and AI cyber coaching, will revolutionize security training and build a stronger, more secure future for organizations.
JOSHUA CRUMBAUGH
JOSHUA CRUMBAUGH
August 2, 2023
Unmasking Cybercriminals: The Psychology Behind Phishing Tactics and Online Safety
Educational

Unmasking Cybercriminals: The Psychology Behind Phishing Tactics and Online Safety

Explore the deep psychology behind phishing scams and how cybercriminals exploit human vulnerabilities. Understand their manipulation tactics and learn crucial defense strategies. Equip yourself with the knowledge to stay safe in the digital landscape.
JOSHUA CRUMBAUGH
JOSHUA CRUMBAUGH
August 2, 2023
Security Awareness Training & Phishing Simulations: A Must for HIPAA-Compliant Healthcare
Educational

Security Awareness Training & Phishing Simulations: A Must for HIPAA-Compliant Healthcare

Explore the crucial role of security awareness training and phishing simulations in HIPAA-compliant healthcare data management. Understand why these practices are essential in protecting sensitive patient data and maintaining trust in today's rapidly evolving cybersecurity landscape.
JOSHUA CRUMBAUGH
JOSHUA CRUMBAUGH
August 2, 2023
PhishFirewall's Effective Security Awareness Training for a Cyber-Resilient Workforce
Educational

PhishFirewall's Effective Security Awareness Training for a Cyber-Resilient Workforce

Discover how PhishFirewall's innovative approach to cybersecurity training, combining microlearning, cognitive psychology, and AI technology, transforms employees into a resilient, first line of defense against evolving cyber threats. Schedule a demo today and embrace the future of cybersecurity.
JOSHUA CRUMBAUGH
JOSHUA CRUMBAUGH
August 2, 2023
Conquering the Digital Frontier: Mastering Cybersecurity in the Remote Work Era
Educational

Conquering the Digital Frontier: Mastering Cybersecurity in the Remote Work Era

Embrace the new era of remote work safely and securely with our comprehensive guide. Understand the common cyber threats - phishing, ransomware, MitM, and brute force attacks - and learn effective measures like advanced security suites, secured Wi-Fi, MFA, VPN, regular updates, and cybersecurity training to safeguard your digital workspace.
CRYSTAL FONTAINE
CRYSTAL FONTAINE
August 2, 2023
Okta Breach Reveals: It's Time to Hack the Human Psyche, Not Just Systems
Cyber News

Okta Breach Reveals: It's Time to Hack the Human Psyche, Not Just Systems

The recent Okta breach is a stark reminder that the battleground for cybersecurity is not just in the servers, but in the synapses of every employee's brain. 'You can't patch stupid' is a defeatist adage that our industry clings to, yet this breach shows the fallacy of such thinking. Our latest post delves into why a mindset shift is imperative, from outsmarting hackers to outsmarting our own behavioral pitfalls. We argue that the only real fix to the phishing scourge is a revolutionary change in organizational culture, powered by behavioral science. Join us as we explore how ethical hacking and culture change are the duo that can reclaim cybersecurity's future.
JOSHUA CRUMBAUGH
November 7, 2023
New York's Cybersecurity Law: A Deep Dive into Its Strengths and Shortcomings
Cyber News

New York's Cybersecurity Law: A Deep Dive into Its Strengths and Shortcomings

New York's financial sector is now governed by the Second Amendment to 23 NYCRR 500, a set of cybersecurity regulations. While the amendment introduces robust technical and procedural requirements, it notably overlooks the human element of cybersecurity. Behavioral science principles, such as cognitive load theory and spaced learning, emphasize the need for digestible, continuous training. Over 90% of breaches start with human error, yet regulations like this one sideline the human element. For cybersecurity measures to be truly effective, continuous security awareness training must be prioritized, ensuring that every individual is empowered with the knowledge and skills to combat cyber threats.
JOSHUA CRUMBAUGH
November 3, 2023
Consent Phishing: The Wolf in Sheep's Clothing
Cyber News

Consent Phishing: The Wolf in Sheep's Clothing

Consent phishing is a sneaky tactic where hackers pretend to be trustworthy apps or services to trick people into giving them permissions. Once they have these permissions, they can get into real cloud services and steal sensitive data. This post will explain what consent phishing is, how it works, and how to protect against it, with a focus on the innovative solutions provided by PhishFirewall.
JOSHUA CRUMBAUGH
November 2, 2023
Navigating the New NIST Training Guidelines: What You Need to Know
Cyber News

Navigating the New NIST Training Guidelines: What You Need to Know

Unpacking the NIST Cybersecurity Framework 2.0 Public Draft is like unboxing a new gadget—it’s the same but better. The proposed changes in the training requirements are subtle but pinpointed for clarity, trimming any room for misinterpretation. While most vendors miss the mark on role-based training, the new draft illuminates these gaps. Dive in to understand how these changes might be more significant than you think.
JOSHUA CRUMBAUGH
October 27, 2023
wormgpt: Combating AI-Driven BEC Attacks with AI-Powered Cybersecurity Solutions
Cyber News

wormgpt: Combating AI-Driven BEC Attacks with AI-Powered Cybersecurity Solutions

🚨 AI-driven BEC attacks are on the rise, with cybercriminals exploiting advanced tools like WormGPT to craft highly convincing phishing emails. Traditional security measures just won't cut it anymore. It's time to embrace PhishFirewall's innovative noLMS approach, gamified training, and AI cyber coaching to empower employees and stay ahead of these evolving threats. Let's redefine #cybersecurity training together! 💪 #PhishFirewall #BECattacks #AIDrivenCybersecurity
JOSHUA CRUMBAUGH
July 19, 2023
The Ch@ngeme! Conundrum: Strengthening Cybersecurity in Schools and Beyond
Cyber News

The Ch@ngeme! Conundrum: Strengthening Cybersecurity in Schools and Beyond

🚨 The Ch@ngeme! incident at a Michigan high school highlights the importance of cybersecurity awareness in schools & service providers. Top 5 best practices: 1️⃣ Strong password policies 2️⃣ Cybersecurity education for students & staff 3️⃣ Clear communication channels 4️⃣ Regular security assessments 5️⃣ Fostering a culture of security awareness
JOSHUA CRUMBAUGH
July 19, 2023
Pioneering Role-Based, Micro-Sized Cybersecurity Training for the Modern Workplace
Cyber News

Pioneering Role-Based, Micro-Sized Cybersecurity Training for the Modern Workplace

Discover PhishFirewall, the revolutionary cybersecurity training solution offering role-specific, time-efficient microlearning modules. Transform your team's cybersecurity awareness with our personalized, AI-enhanced approach. Make the switch to PhishFirewall. Redefine cybersecurity education in your organization.
CRYSTAL FONTAINE
June 15, 2023
Cybersecurity: Guardian or Tyrant? The Hidden Icebergs in Corporate Waters
Cyber News

Cybersecurity: Guardian or Tyrant? The Hidden Icebergs in Corporate Waters

Unchecked authority given to cybersecurity teams is a hidden iceberg posing potential threats to corporate harmony and functionality. Practices like punitive phishing simulations, imposing the 'my way or the highway' approach, fostering a superiority complex, and exploiting user trust can cause more harm than good. To foster a productive, respectful, and safe digital environment, organizations must balance their approach, allowing cybersecurity teams to serve as a collaborative force rather than an autocratic entity. PhishFirewall challenges these traditional practices, providing a non-punitive, gamified platform to create an atmosphere of continuous learning and mutual respect in the cyber realm, turning cybersecurity from a liability into an asset.
JOSHUA CRUMBAUGH
June 15, 2023
The AI Revolution: Transforming Customer Success in 2023
Cyber News

The AI Revolution: Transforming Customer Success in 2023

Explore the transformative role of AI in customer success in 2023. Learn how AI is reshaping business strategies and enhancing customer experience by predicting behavior, automating tasks, and extracting actionable insights from data.
CRYSTAL FONTAINE
June 7, 2023
Cybercrime Explosion: Navigating the PaaS Tsunami and the Lifeline of Security Training
Cyber News

Cybercrime Explosion: Navigating the PaaS Tsunami and the Lifeline of Security Training

Explore the challenges of rising cyber threats such as Phishing-as-a-Service and access brokers in our digital age. Discover the critical role of security awareness training and proactive defensive measures in combating these threats and ensuring a safe, secure digital ecosystem.
CRYSTAL FONTAINE
June 2, 2023
Choosing NoLMS over Traditional LMS: A Shift Towards Personalized Training
Cyber News

Choosing NoLMS over Traditional LMS: A Shift Towards Personalized Training

Discover why NoLMS is replacing traditional Learning Management Systems in cybersecurity training. Learn how AI, personalized learning pathways, micro-learning, role-based training, and advanced analytics are reshaping cybersecurity education.
JOSHUA CRUMBAUGH
May 24, 2023
Magnetic Attraction: A Woman's Tale of Machine Learning and New Technologies
Cyber News

Magnetic Attraction: A Woman's Tale of Machine Learning and New Technologies

Explore the fascinating intersection of artificial intelligence and materials science in 2023. Discover how machine learning is revolutionizing magnetic materials research, enhancing device performance, and redefining technological possibilities.
CRYSTAL FONTAINE
May 23, 2023
Don't Be a Cybersecurity Tool: Embrace the AI Revolution
Cyber News

Don't Be a Cybersecurity Tool: Embrace the AI Revolution

Cybersecurity has traditionally leaned on a range of tools to safeguard organizations from threats. However, these traditional approaches often lag behind the ever-evolving cyber threat landscape, with vulnerabilities arising from misconfigurations, improper usage, and reliance on human intervention. AI is set to revolutionize cybersecurity by automating threat detection and responses, allowing for faster and more precise actions. It minimizes human error, accelerates responses, and is able to learn and adapt from past incidents, thus offering a more dynamic and proactive defense system.
JOSHUA CRUMBAUGH
May 19, 2023
Breaking Through the Glass Firewall: A Deeper Dive into the Role of Women in Cybersecurity
Cyber News

Breaking Through the Glass Firewall: A Deeper Dive into the Role of Women in Cybersecurity

Explore the evolving landscape of cybersecurity through the lens of gender diversity. This article delves into the increasing role of women in cybersecurity, their significant contributions, and the importance of an inclusive future. Uncover how diversity strengthens digital defense and learn about the inspirational women leading the charge.
CRYSTAL FONTAINE
May 12, 2023
The Double-Edged Sword of AI in Ransomware: Savior or Saboteur
Cyber News

The Double-Edged Sword of AI in Ransomware: Savior or Saboteur

One of the most pressing questions is whether AI will be able to prevent ransomware attacks, or whether it will be used for ransomware attacks.
CRYSTAL FONTAINE
May 6, 2023
2023 CyberSecurity Predictions: An Escalation of Cyber Warfare
Cyber News

2023 CyberSecurity Predictions: An Escalation of Cyber Warfare

The threat from nation state threat actors will loom much larger in 2023 as the gloves come off between the market-based democracies and authoritarian adversaries like China, Russia, and Iran. Up to now the narrative about cybersecurity has mostly centered on criminal threats. Next year will bring greater attention to state-conducted and state-sponsored cyber espionage efforts and infrastructure attacks.
GREGORY SIMS
February 23, 2023
2023 CyberSecurity Predictions: AI vs AI – The Future of Cybersecurity
Cyber News

2023 CyberSecurity Predictions: AI vs AI – The Future of Cybersecurity

One of the biggest trends in cybersecurity expected in 2023 is the rise of AI-driven phishing attacks. These attacks are particularly dangerous because they use artificial intelligence to create customized, highly targeted messages that are designed to trick individuals into giving away sensitive information or clicking on malicious links.
JOSHUA CRUMBAUGH
February 14, 2023
Photo Representing how secure Huntsville is

Huntsville: A Beacon for Cybersecurity

Huntsville is a hub of technology and innovation, making it a lucrative target for cybersecurity threats. Learn How Phishfirewall Helps!
Read post
Joshua's interview with Business Insight

Cyber Security Executive 2022 | Joshua Crumbaugh, PhishFirewall | Business Insight Group

Phishfirewall's CEO Joshua discusses current phishing trends with the Business Insight Group!
Watch Now
Photo of Phishing Attack

How AI and Machine Learning are Changing the Phishing Game

Joshua discusses how AI and machine learning are redefining how the industry looks at phishing.
Read post

Learn Why World Leading Advisory Firm, Frost & Sullivan, Recommends Phishfirewall!

Strengthen your Security Awareness Training with Frost & Sullivan's white paper! Gain insights on why training is more effective when you employ an AI-powered SAT program to protect your business. Download this essential resource today!
We care about your data, learn more in our privacy policy.
Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.