Almost every day, a fresh batch of attack incident and breach reports detailing the latest victims of hacking, fraud, incompetence, espionage and apathy seem to dominate tech news.

The total number of attacks and accumulate volume of affected data is staggering, and 2018 has been no exception.

The task of establishing and maintaining an effective information security (InfoSec) awareness program that provides personnel with all the security and privacy information they need for their jobs is complex, frustrating, and thankless, but also unavoidable.

There is a growing number of data protection and security laws, regulations, and guidelines that explicitly require employees undergo specific, formal, and ongoing InfoSec or privacy awareness training. Now more than ever, personnel who have not been sufficiently educated are exposing their employers to an increased risk of being deemed noncompliant.

Data security challenges and threat vectors vary according to business or industry context, but all data security standards and governing legislation have one thing in common: they are all, fundamentally, mechanisms or strategies for protecting specific data within a particular environment.

Cyber-attack has become an inevitable threat. Although not always successful, a near constant onslaught of attacks keep pushing, probing, and penetrating digital defenses. It seems like regardless of a system’s size or how much diligence goes into preparing for or hardening against attack, no-one is safe.

Traditionally, in a military sense, attack is typically physical, can come from anywhere, happen anytime, and can take many forms. Military threats come physically from land, sea, air, or space, and over the last couple decades, interconnectivity has spurred large-scale digitization of military forces and resources ... causing a new digital threat landscape to emerge.

As another Christmas shopping season approaches, annual rhetoric about threats to information and payment security have started to ramp-up as they do every year ... and THIS article is no exception.

A Botnet is a collection malware-infected, internet-connected devices which can be remotely controlled as a group without the actual owner’s knowledge or permission. Botnets are often used to dispatch spam messages or as part of a Distributed Denial of Service (DDoS) attack which floods a target system with so much traffic that it fails. The ‘Internet of Things’ (IoT) has been described as “an electronic skin” which is poised to start covering the earth in a web of internet-connected devices that communicate and work together to improve our lives.

We’ve all heard it countless times before and while emails remain among the most common vehicles for criminals to infect our systems with malicious code and ransomware, new and far more menacing threats are emerging as instances of ransomware continue to increase.

 In a single word ... power. Hackers covet the power to do what they want or to change what they do not, and in most cases they use information as the vehicle by which they pursue and gain power.  In political or diplomatic terms, power can be objectively defined as: "The capacity or ability to direct or influence a course of events or the behavior of others" and that is exactly what hackers aim to do, too.

With the ever-present and growing number of cyber criminals, hackers, data-breaches and electronic scams described by mainstream media on an almost daily basis, it’s clear that information and data have become two of the most valuable targets for thieves.