Rascals are always sociable, and the chief sign that a man has any nobility in his character is the little pleasure he takes in others company. Arthur Schopenhauer

Security by design has long been something of a holy grail for cybersecurity professionals. It’s a simple concept: ensure products are designed to be as secure as possible in order to minimize the chances of compromise further down the line. The concept has been expanded further in recent years to signify an effort to embed security into every part of an organization – from its DevOps pipelines to its employees’ day-to-day working practices. By creating a security-first culture like this, organizations will be both more resilient to cyberthreats and better equipped to minimize their impact if they do suffer a breach.

Technology controls are, of course, an important tool to help create this kind of deeply embedded security culture. But so too is phishing awareness training – which plays a hugely important role in mitigating one of the biggest threats to corporate security today and must be a staple in general cybersecurity awareness training programs. Phishing awareness training: Help your employees avoid the hook