It’s no secret that the cyber security industry loves acronyms. Today, I’ve got the pleasure of breaking down arguably one of the cyber industry’s most infamous acronyms: Fear, Uncertainty, and Doubt, also known as FUD! Specifically, we’re going to talk about how FUD has been heavily relied on for years when educating people about cybersecurity and why now it’s time for that to change for good. If you want your organization to have a successful security awareness trainingprogram, FUD is not the answer. We’re going to talk about what strategies you can use to empower yo ..read more

Cyber security can be overwhelming and for organizations just starting out the question is — where do you actually begin? What are the first steps that a small organization can take to build a cyber security program? Curricula’s founder and CEO Nick Santora (CISA, CISSP) sat down with the co-founder and CTO of Blumira, Matt Warner to discuss what it means to start from ‘square one’ in your security program. Blumira is a threat detection and response platform that has specialized technology to help organizations prevent ransomware attacks and data breaches. The benefit of securit ..read more

The topic of diversity is one that should be talked about amongst every organization, for us, the cybersecurity industry is one that needs work and specifically how to go about it in security awareness training. The discussion of diversity is not a comfortable one. However, in light of the many movements such as Black Lives Matter, #MeToo, Stop AAPI Hate, Equal Pay, and many more, the cyber industry can’t ignore the glaringly obvious need for more diversity, equity, and inclusion (DEI). Since the founding of Curricula, diversity has been baked into our training content and people. We want ..read more

A little over seven years ago we started something special. A little dream that I had back in March 2015 to create cybersecurity education that’s fun for everyone. And today, I’m announcing a new chapter in our story: Curricula has been acquired by Huntress for $22M. Before I get into the weeds on what’s next, how the industry is going to change, etc., I wanted to share more context about how one of the greatest cybersecurity stories of our time came to be.  Back in November of 2021, we launched a new Curricula Free plan, designed as a free security awareness plan to help SMBs with up to ..read more

Do you think every employee in your organization would speak up if they thought a phishing or cyber attack was looming? Are you able to have tough conversations about cyber security with your board or management team? The term ‘Culture of Silence’ is more relevant now in cyber security than ever before. Add compliance into the mix, and you have a recipe for employees to stay quiet in fear of getting in trouble. We’re here to break down why the culture of silence is becoming a growing problem and how to create a more transparent security culture. Why do people stay silent when they experience ..read more

SOC 2 is emerging as one of the most common frameworks to transparently demonstrate the security controls your organization follows to protect customer data. There’s a lot of ambiguity about the SOC 2 security awareness training requirements and what it takes to implement a successful security awareness program. You might have found this blog because you’re searching for what you need to do to successfully navigate your organization through SOC 2 compliance. I wanted to share our approach here at Curricula on how we help high-growth SaaS companies with their SOC 2 security training requiremen ..read more

Unless you’ve been living under a rock, everyone knows what phishing is and most likely has received or even fallen for a phishing email themselves. So at this point, there should be no excuse, right? Wrong. While it’s apparent we all know what we’re up against, the facts still show that we continue to fall victim to these attacks. Therefore, the only way you’ll be able to build up your defenses and mitigate against phishing attacks is through practice. That’s where phishing training comes in handy for you and your employees. Starting your phishing simulation training program as a part of you ..read more

As we start to settle into the New Year, I wanted to share a story about making a change for the better that I’m sure most people can relate to. It involves one man (me), one chair, and a lot of pain. Using this story we’re going to figure out what your current pain point is in your security awareness training program (or another part of your life) and more importantly how to leave it behind for the better. So what’s your crux? A crux is a difficult problem or pain point that requires some kind of resolution. While like me, I’m sure you can come up with a long list of cruxes, there’s one I’d l ..read more

It’s no secret that the cyber security industry loves acronyms. Today, I’ve got the pleasure of breaking down arguably one of the cyber industry’s most infamous acronyms: Fear, Uncertainty, and Doubt, also known as FUD! Specifically, we’re going to talk about how FUD has been heavily relied on for years when educating people about cybersecurity and why now it’s time for that to change for good. If you want your organization to have a successful security awareness training program, FUD is not the answer. We’re going to talk about what strategies you can use to empower your employees rather than ..read more

Cyber security can be overwhelming and for organizations just starting out the question is — where do you actually begin? What are the first steps that a small organization can take to build a cyber security program? Curricula’s founder and CEO Nick Santora (CISA, CISSP) sat down with the co-founder and CTO of Blumira, Matt Warner to discuss what it means to start from ‘square one’ in your security program. Blumira is a threat detection and response platform that has specialized technology to help organizations prevent ransomware attacks and data breaches. Let’s break down some of the topics t ..read more