CyberPilot blog
Social engineering is present in pretty much all cyber-attacks. Learn about the most common social engineering tactics and how to detect and stop them.
Stay one step ahead of phishing attacks with a robust response strategy. Learn essential components and empower your team to tackle incidents confidently.
Our interview with Anna gives you actionable tips for complying with the GDPR and three steps any organization can take to get started today.
7 Tips to Enhance Email Security! Safeguard your organization from cyber threats with these simple steps. Read on for quick and effective solutions!
NIS2 strengthens cyber security requirements for companies across the EU. It establishes a framework and sets a baseline for future cyber security.
With data from about 100,000 phishing campaigns, we show you which social engineering techniques trick the most people and how education can change this.
We asked Karen Lawrence how she looks at GDPR work in today's working landscape. Read what she thinks are the biggest challenges and what you can do as a DPO.
Learn how pseudonymization enhances data privacy and enables GDPR compliance. Learn practical tips to implement it effectively and ensure data security.
CIS Controls v8 has 18 security safeguards to protect your organization. See how to meet the security awareness training requirements of Control 14.
8 out of 10 security issues are related to weak passwords. Ensure your employees use strong passwords by downloading our free password policy template.
AI tools like ChatGPT make work much easier. But they can also be exploited by cybercriminals. See how AI makes writing a phishing email a breeze.
Ethical use of data can help organisations comply with the GDPR and limit IT security risks. Why data ethics should be part of your IT security.
An emergency response plan is a documented process that outlines the steps an organization must take in the event of a cybersecurity incident.
Security awareness training creates awareness among your employees and strengthens your security. It can cover topics within IT security and the GDPR.
Security breaches continue to rise. We've gathered the biggest security breaches of 2022 and show you how you can protect your organisation from a breach.
What are the largest GDPR fines? How do you avoid getting a GDPR fine? We run through the rules for GDPR fines and expectations for 2023.
Don’t let your employees take the bait. Protect your business from different types of phishing attacks by using these 4 concrete strategies.
You can do security awareness and GDPR training online or in person. We discuss different types of training and how to do it effectively.
Cost is likely a big factor in how you train your team on IT security. We discuss the cost of training employees and how it leads to long term savings.
Not everybody needs to have access to all personal data. Here are 4 recommendations on how to control access to personal data.
The Danish Data Protection Agency has published statistics on GDPR security breaches. Find out the most common security breaches and how to avoid them.
Privacy By Design means making sure that privacy is prioritized every time we are designing products, processes and much more.
Studies show that 80% of organisations report that phishing awareness training reduces the risk of falling for a phishing attack. So yeah, it does work!
Mobile Device Management (MDM) can help you secure and monitor the mobile devices your organisation uses for work. Here is how!
Learn the difference between an ISO 27001 certification and an ISAE 3402 report. A comprehensive guide to help you choose a report and get started.
How do you choose which free online tools employees can use? Here are a few things to consider when creating guidelines.
A strong security culture is the foundation of a safe organisation. We share the best things you can do to develop a strong security culture in your company.
What are the 7 principles of the GDPR? We walk you through the 7 principles of data protection to help you get one step closer to becoming GDPR compliant.
Data discovery is the process of mapping out all the sensitive personal data you have in your company. This helps find data that you didn't know you had so that you can protect it.
Discover the 5 most common types of data breaches and their impact on your business. Learn how to protect sensitive information and safeguard your organization against cyber t
We break down the difference between training and learning and help you to encourage a culture of learning within your organization.
Data breaches are expensive. We use IBM’s 2022 Cost of a Data Breach Report to cover how a breach could impact your company and how to avoid breaches.
A Safety Detectives interview with our CEO, Rasmus. Learn about CyberPilot's history and how we see the awareness world developing.
A data processing agreement is a contract between a data controller and a data processor. It must be signed in order to comply with the GDPR.
Phishing is the biggest security threat that companies are facing today. That's why you should train your employees in recognising phishing attempts.
Perhaps someone in your organization is using these common passwords? They could be putting your organization in danger - see how to improve your passwords.
Microlearning makes your awareness training engaging and manageable. See how microlearning supports information retention and can help your organisation.
Angler phishing is a type of phishing that occurs on social media. Cyber criminals disguise themselves as customer service agents and try to trick you.
Awareness training works. The research says so. We've also asked some of our customers what they have to say about our training. Find out what they said!
2FA protects your online data by adding an extra layer of security to your accounts. It should be an essential part of your IT security.
We improve our courses all the time, but sometimes we forget to tell people how. Here's what we've been working on for the last year.
Data privacy is often seen as a human right. But what exactly does it mean for you and your company? Read about data privacy and get 5 tips on what you can do.
Password managers are a great way to keep track of all of your passwords. You only need to remember one password to access all of your passwords. Read more.
Ransomware is a type of malware that is used to blackmail companies. Here are some concrete tips on how to avoid it.
Training your colleagues on IT-security topics is essential. See how you can make a training program with phishing and social engineering courses.
The Plan Do Check Act cycle (PDCA) is a method to ensure continuous improvements. Here's what it is and how it can improve your cyber security.
A risk analysis is useful for your organisation's IT security. Download our free risk analysis template and follow our step-by-step guide to get started.
GDPR training and security awareness training keep your organisation secure. They also help you meet the GDPR's staff IT security training requirements.
Get the free template and read our tutorial, which takes you through an Acceptable Use Policy example. The AUP helps your company’s cyber security.
Barrel phishing is a type of phishing attack where the criminals try to start a conversation with you before they send the malicious link. Read about it here.
Get our free IT security policy template and follow the guide on how to use it. A good information security policy will strengthen your organisation.
Pharming is a type of phishing, but it's nothing like normal phishing attacks. Read what it is and how your company can avoid being a victim of pharming.
Security awareness training prepares your team for cyber threats. But how do you make people care? Use these tips for engaging cyber security training.
Strong passwords are a security must-have. Our guide will give you good password ideas, so you can learn how to make a strong password you can remember.
The ISAE 3000 can help your GDPR work. But it's not for everyone as it also takes a lot of work. Here's a quick introduction to what the ISAE 3000 is and how it can be useful.
You need to know your role as a data controller and as a data processor, as it plays a big part in your responsibilities under the GDPR. Here's what you need to know.
Vishing and smishing are phishing attacks that happen over your phone, either through calls or SMS. We like to trust people who call us, but sometimes we shouldn't.
This is how to spot a phishing mail. 7 tips for you and your colleagues to strengthen your awareness and cyber security.
Whaling is a type of phishing attack that aims to get you to send huge amounts of money to the criminals. But how do you see through the scams?
Phishing simulations and phishing training are a way to make sure your team learns how to spot dangerous e-mails in their inbox. But how do you make good phishing simulations?
Phishing is the most common form of cyber security attack. It costs companies a lot of money. It's important that your employees can spot a phishing mail.
GDPR demands that you do not keep personal data longer than you need. Data destruction is therefore an important topic to consider in your GDPR work.
There are a lot of steps you need to take to make sure your company is GDPR compliant. We've listed a lot of them in this guide, which can start your GDPR trip.
Phishing is a dangerous threat but spear phishing is an even bigger threat. Spear phishing is targeted phishing. Read what it is and how to prevent it.
You need a lawful basis for processing personal data. But what is it and how do you get it? Here's what you and your colleagues should know.
It is difficult to get an overview of all the assets and devices in your organisation. Asset management is crucial. Read how to make it easy.
Data minimisation is a principle that states you should not keep data for longer than needed. Here's what you need to know.
Malware is malicious software. It is a term for any type of software with a malicious intent. An example of malware could be ransomware.
The Schrems II case makes it impossible for US organisations to use the so-called Privacy Shield framework. This will affect how organisations share data.
The Schrems II ruling has been a cause of concern in a lot of companies. Now new guidelines are here. We'll take you through them.
What'sAppening with WhatsApp? Read why WhatsApp has been fined and what you can learn from it to avoid making the same mistakes.
You need a legal basis for posting pictures and videos online. There are different kinds of bases, such as consent, contracts and legitimate interest.
Email is the biggest reason for security breaches. We attach the wrong files. We send it to the wrong contact. Here's all you should know.
Learn what concrete steps you can take to measure the effect of cyber security awareness training in your organisation.
Security breaches can easily occur in video meetings. If you are unaware, you might share your screen with personal data on it.
Personal data is any information that relates to an individual and therefore can be used to identify the person. Read more to learn more.
A DPO (Data Protection Officer) is responsible for making sure that your company handles personal data as it should. But do you need a DPO?
SIEM can be an automated alarm system for your IT systems. Together with IT Log Management it can be an important cyber security tool.
CEO Fraud is a method where hackers manipulate you to either send money or download malware. Here's what it is and what you can do about it.