Microsoft Defender is a hidden gem of features if you use Office365.

A lot of companies don't really use it even though it's a part of there plan with Microsoft.

Today we dive into how you can use it to get better security when it comes to handling phishing emails.

It:

• Simplifies the phishing reporting for end users
• Make it easier for IT admins to get a good overview and take action
• Makes people better at spotting phishing

All big wins. So why not get started?

Fredrik Nielsen who is partner in CyberPilot joins the podcast.

He talks about why you should do Security Awareness Training.

He comes across:

• Why Security Awareness training shouldn't just be for compliance
• Why culture and behavioral change should be the goal
• Why you should care about your employees when doing training
• 3 principles to implement in your training
• Why you might need to accept that not all employees act perfectly

Listen along and click subscribe if you like what you here.

Feel free to rank the podcast where you listen to it.

You can always write us, if you have any feedback. We would love to hear from you.

Write me, your host, right here: abt@cyberpilot.dk

We have a new podcast episode live after a winter break.

This time, we got digital learning specialist Tue Saltofte Lund in the studio to discuss what makes good security awareness training is.

This means you can listen to a lot of gold nuggets about:

- Why your courses must be practical for your employee's everyday life

- How we structure courses and the thoughts behind it

- Why you shouldn't assume you know what people know

We hope you enjoy.

In this episode i'm joined by Julie Dolleris. She's our security culture expert in CyberPilot.

She's been measuring the security cultures in a bunch of companies. This has created quite a few learnings that we thought would be interesting to share with you all.

Because what are learnings worth if not shared?

She dives into:

• What it is that we've measured.
• What the learnings are across all companies
• What surprised us and the companies
• How you can get started building a strong security culture

Hope you enjoy.

If you are interested in learning more about security cultures, you can read more right here:

https://www.cyberpilot.io/security-culture

What are the social engineering methods and tricks scammers use in their phishing emails?

It might be easy to spot a phishy URL or a badly spoofed email address. But what if these things look legit?

Then what are the tells you and your colleague should look for?

Benjamin Pomerleau joins the podcast to discuss about the 8 tells he sees all the time in phishing emails.

If you and your colleague can spot these tells, then you have a great chance of spotting the phishing emails before they do any harm.

In this episode, we are joined by Bjarke Petersen, the founder of CyberSales and CyberMinds. Rumour has it that he has a third startup coming up.

Bjarke talks with many companies about cyber security, which makes him the perfect one to ask about the challenges many companies face and what they can do about them.

Two of the biggest challenges he talks about are:

- Budget

- Overview and prioritization

He also mentions a few tools that might be worth diving into.

These are:

- Passbol

- Bitwarden

- Wazuh

We hope you enjoy the episode.

In today's episode, I've invited my dear colleague, Jonas Klærke Hejlskov, into the studio. He's here to talk about 5 misconceptions about security awareness training we see all the time.

The misconceptions are:

1. A Few Big Events Are Enough for your security training

2. Grouping Training Topics By Category

3. Training Alone Makes You Secure

4. Training is a "Set It and Forget It" Process

5. Over-Customizing Training for Every Employee

I hope you enjoy.

PS: You can also read about the misconceptions right here:

https://www.cyberpilot.io/cyberpilot-blog/5-misconceptions-about-effective-security-awareness-training

We already talked with Kim Theilgaard once. And the response was, that you all want more.

In the first episode (episode 12 of the podcast), Kim mentioned the 20-50 questions they ask all companies to determine whether they are ready for cyber insurance.

In this episode, we dive a bit deeper into these questions which are focused on five different areas.

We don't have time to go through all questions but we do give an introduction to what is in those five areas.

Do you want to know what all the questions are, feel free to write Kim and he will send them to you.

His email is: kt@fairside.dk

-------

Besides the questions we couldn't help it but to quickly go through a breakdown like Crowdstrike - If a breakdown like that affects your business, does cyber insurances cover it? Well... It depends.... Listen how, in the episode.