Discover our latest articles on cyber security and the human blind spot. Have a click around to explore blogs, news, tips, and more. Or subscribe to our newsletter to stay in the loop!
Intervention Playbooks are a powerful new way for security teams to automate how they respond to human cyber risks within the CultureAI platform, with precision, transparency, and control.
){kind=logo}
We’re offering a 7-day free trial to help security teams uncover their biggest blind spot — risky human behaviour. You’ll see real risks from your organisation surface within just 24-hours of setting up your integrations.
In April 2025, large retailers were targeted by cyber attacks that caused disruption across their services. Although attribution is still being confirmed, indicators strongly link these attacks to Scattered Spider, a group known for aggressive, human-centric tactics and high-profile breaches.
){kind=small}
To help organisations understand and contextualise how human behaviours create risks and enable threats we have released our Human Threat Map to the public. This tool will serve as a reliable resource to help security teams build effective detections, mitigations, and interventions that defend or human perimeter.
Computer-Using Agents (CUAs), while intended to increase productivity, can be repurposed by threat actors for malicious use. In this post we will explore the cyber security implications of CUAs, showing how tools like OpenAI’s Operator can be manipulated to perform real-world attacks, and how we should prepare to defend against it.
In the first quarter of 2025, CultureAI’s platform detected critical or high-level risks across 50% of employees each month. This data highlights the urgent need for automated interventions to address the most common security threats.
The first quarter of 2025 has revealed critical vulnerabilities, data breaches, and novel attack vectors that highlight the importance of proactive security measures and automated interventions. Here’s a deep dive into the major cybersecurity events of Q1 and what organisations can learn from them.
Within weeks of stepping into a new role, I found myself receiving multiple phishing emails impersonating our CEO. Rather than ignoring them, I thought it could be fun to play along and deep dive into the world of BEC and Gift Card scams.
As attackers refine their techniques and the line between real and fake continues to blur, this Google Ads malware attack served as an effective case study for where human risk management could be combined with technical safeguards to protect users from these types of attacks.
With AI technologies evolving at an unprecedented pace, are we truly prepared to handle the security challenges they pose to individuals and businesses alike? Let's consider DeepSeek as a critical case study and review some issues that may arise with adoption of new AI tools.
In this article, we’ll explore what is meant by behavioural analytics, the types of attacks behaviour analytics can prevent, and how your security team can leverage these insights to improve human risk monitoring efforts.
In this article, we’ll explore the growing risks of insider threats, and how organisations can effectively address them.
In this article, we’ll discuss the growing issue of MFA phishing attacks, highlighting the various vulnerabilities in current MFA solutions, how attackers exploit them, and the strategies that organisations can use to identify, prevent, and respond to MFA phishing threats effectively.
In this article, we will discuss how your organisation can incorporate SSPM into its wider human risk management strategy.
Understanding the various forms that shadow IT can take is crucial for managing and mitigating its risks. In this article, we look into how to detect and prevent shadow IT risks in your organisation.
In this article, we’ll delve into why SaaS is so popular, what SaaS security entails, and how the associated security risks can be mitigated with the right processes and toolsets.
With the rise of HRM, a variety of new technologies have also emerged on the market. However, how do you navigate the sea of buzzwords and shiny promises to pick the solution that's right for you?
){kind=small}
Training alone isn't enough to change security behaviours. Explore the different human error types and strategies for building a resilient security ecosystem.
Businesses are increasingly asking: How secure is Microsoft Teams? This article will break down the core security features of Teams, explore its strengths, examine potential vulnerabilities, and offer practical steps to maximise security.
Explore the limitations of Security Awareness Month and discover strategies for fostering a lasting cyber security culture. Learn how automation and AI-driven platforms can mitigate risks and enhance employee security behaviours.
&w=64&q=100){kind=logo}
&w=64&q=100){kind=small}
&w=64&q=100){kind=small}