CyberPilot blogJoin our +4000 subscribers and sign up for our newsletter.
CIS Controls v8 has 18 security safeguards to protect your organization. See how to meet the security awareness training requirements of Control 14.
8 out of 10 security issues are related to weak passwords. Ensure your employees use strong passwords by downloading our free password policy template.
AI tools like ChatGPT make work much easier. But they can also be exploited by cybercriminals. See how AI makes writing a phishing email a breeze.
Ethical use of data can help organisations comply with the GDPR and limit IT security risks. Why data ethics should be part of your IT security.
An emergency response plan is a documented process that outlines the steps an organization must take in the event of a cybersecurity incident.
Security awareness training creates awareness among your employees and strengthens your security. It can cover topics within IT security and the GDPR.
Security breaches continue to rise. We've gathered the biggest security breaches of 2022 and show you how you can protect your organisation from a breach.
What are the largest GDPR fines? How do you avoid getting a GDPR fine? We run through the rules for GDPR fines and expectations for 2023.
Spear phishing, whaling and CEO-fraud are 3 types of phishing every company should know about. Train your employees and prevent them from happening.
You can do security awareness and GDPR training online or in person. We discuss different types of training and how to do it effectively.
Cost is likely a big factor in how you train your team on IT security. We discuss the cost of training employees and how it leads to long term savings.
Not everybody needs to have access to all personal data. Here are 4 recommendations on how to control access to personal data.
The Danish Data Protection Agency has published statistics on GDPR security breaches. Find out the most common security breaches and how to avoid them.
Privacy By Design means making sure that privacy is prioritized every time we are designing products, processes and much more.
Studies show that 80% of organisations report that phishing awareness training reduces the risk of falling for a phishing attack. So yeah, it does work!
Mobile Device Management (MDM) can help you secure and monitor the mobile devices your organisation uses for work. Here is how!
Learn the difference between an ISO 27001 certification and an ISAE 3402 report. A comprehensive guide to help you choose a report and get started.
How do you choose which free online tools employees can use? Here's a few thing to consider when creating guidelines.
A strong security culture is the foundation of a safe organisation. We share the best things you can do to develop a strong security culture in your company.
What are the 7 principles of the GDPR? We walk you through the 7 principles of data protection to help you get one step closer to becoming GDPR compliant.
Data discovery is the process of mapping out all sensitive personal data you got in your company. This helps find data that you didn't know you had so that you can protect it
We examine different data breaches and how they can affect your business. We also show you the different steps you can take to protect your organization.
We break down the difference between training and learning and help you to encourage a culture of learning within your organizaiton.
Data breaches are expensive. We use IBM’s 2022 Cost of a Data Breach Report to cover how a breach could impact your company and how to avoid breaches.
A Safety Detectives interview with our CEO - Rasmus. Learn about CyberPilots history and how we see the Awareness world develop.
A data processing agreement is a contract between a data controller and a data processor. It must be signed in order to comply with the GDPR.
Phishing is the biggest security threat that companies are facing today. That's why you should train your employees in recogninsing phishing attempts.
Perhaps someone in your organization is using these common passwords? They could be putting your organization in danger - see how to improve your passwords.
Microlearning makes your awareness training engaging and manageable. See how microlearning supports information retention and can help your organisation.
The NIS2 strengthens cyber security requrements for companies across the EU. It establishes a framework and sets a baseline for future cyber security
Angler phishing is a type of phishing that occurs on social media. Cyber criminals disguise themselves as a customer service agent and tries to trick you.
Awareness training works. The research says so. We've also asked some of our customers what they have to say about our training. Find out what they said!
2FA protects your online data by adding an extra layer of security to your accounts. It should be an essential part of your IT-security
We improve our courses all the time, but sometimes we forget to tell people how. Here's what we've been working on for the last year.
Data privacy is often seen as a human right. But what does it exactly mean for you and your company? Read about data privacy and get 5 tips on what you can do.
Password managers is a great way to keep track of all of your passwords. You only need to remember one password to access all of your passwords. Read more.
Ransomware is a type of malware which is used to blackmail companies. Here's are some concrete tips on how to avoid it.
Training your colleagues on IT-security topics is essential. See how you can make a training program with phishing and social engineering courses.
The Plan Do Check Act cycle (PDCA) is a method to ensure continuous improvements. Here's what it is and how it can improve your cyber security.
A risk analysis is useful for your organisation's IT security. Download our free risk analysis template and follow our step-by-step guide to get started.
GDPR training and security awareness training keep your organisation secure. They also help you meet the GDPR's staff IT security training requirements.
Get the free template and read our tutorial, which takes you through an Acceptable Use Policy example. The AUP helps your company’s cyber security.
Barrel phishing is a type of phishing attack where the criminals tries to start a conversation with you before they send the malicious link. Read about it here.
Get our free IT security policy template and follow the guide on how to use it. A good information security policy will strengthen your organisation.
Pharming is a type of phishing but it's nothing like normal phishing attacks. Read what it is and how your company can avoid be victims of pharming.
Security awareness training prepares your team for cyber threats. But how do you make people care? Use these tips for engaging cyber security training.
Strong passwords are a security must-have. Our guide will give you good password ideas, so you can learn how to make a strong password you can remember.
The ISAE 3000 can help your GDPR work. But it's not for everyone as it also takes a lot of work. Here's a quick introduction to what the ISAE 3000 is and how it can be useful.
You need to know your role as a data controller and as a data processor as it plays a big part of responsibility when it comes to the GDPR. Here's what you need to know.
Vishing and smishing is phishing attacks which happens over your phone either through calls or SMS. We like to trust people who call us, but sometimes we shouldn't.
This is how to spot a phishing mail. 7 tips for you and your colleagues to strengthen your awareness and cyber security.
Whaling is a type of phishing attacks which aims to get you to send huge amounts of money to the criminals. But how do you see through the scams?
Phishing simulations and phishing training is a way to make sure your team learns how to spot dangerous e-mails in their inbox. But how do you make good phishing simulations?
Phishing is the most common cyber security attack forms. It cost companies a lot of money. It's important that your employees can spot a phishing mail.
GDPR demands that you do not keep personal data longer than you need. Data destruction is therefore an important topic to consider in your GDPR work.
There's a lot of step you need to take to make sure your company is GDPR compliant. We've listed a lot of them in this guide that can start your GDPR-trip.
Phishing is a dangerous threat but spear phishing is an even bigger threat. Spear phishing is targeted phishing. Read what it is and how to prevent it.
You need lawful basis for processing personal data. But what is it and how can do you get it? Here's what you and your colleagues should know.
It is difficulty to get a overview of all the assets and devices in your organisation. Asset management is crucial. Read how to make it easy.
Data minimisation is a principle that states you should not keep data for longer than needed. Here's what you need to know.
Malware is malicious software. It is a term for any type of software with a malicious intent. An example of malware could be ransomware.
The Schrems II case makes it impossible for US organisations to use the so-called Privacy Shield framework. This will affect how organisations share data.
The Schrems II ruling have been reason for a lot of concern in a lot of companies. Now new guidelines are here. We'll take you through them.
What'sAppening with WhatsApp? Read why WhatsApp have been fined and what you can learn from it to avoid making the same mistakes.
You need legal basis for posting pictures and videos online. There are different kind of basises such as consent, contracts and legitimate interest.
Email is the biggest reason for security breaches. We attach the wrong files. We send it to the wrong contact. Here's all you should know
Learn what concrete steps you can take to measure the effect of cyber security awareness training in your organisation.
Security breaches can easily occure in video meetings. If you are unaware you might share your screen with personal data on it.
Personal data is any information that relates to an indivdual and therefore can be used to identify the person. Read more to learn more.
A DPO (Data Protection Officer) is responsible for making sure that your company handles personal data as it should. But do you need a DPO?
SIEM can be an automated alarm system for your IT systems. Together with IT Log Management it can be an important cyber security tool
CEO Fraud is a method where hackers manipulates you to either send money or download malware. Here's what it is and what you can do about it.