Thoughts, Trends & Tips | Junglemap Blog

Latest blog posts

From securing code – to securing behaviour

With AI agents, we’re now moving quickly from pilots to production across business and sectors in society. And unlike task-specific automations, AI agents plan, decide, and act across multiple steps and systems on behalf of users and teams. This is not just a technical upgrade. It’s a new paradigm when it comes to security: We are no longer securing code - we need to secure behaviour.

Information Security

ISO 27017 helps reduce security risk, strengthen compliance, and streamline vendor management

Junglemap has been issued an ISO 27017 certification on cloud security. Three quick questions to Geir Aasen, Junglemap CISO, on this new ISO-certification.

Source-critical employees are increasingly important in the age of AI

In a digital world where deepfakes and AI-generated images are becoming more convincing, fake profiles can be created in minutes and algorithms reward emotional posts, our immediate reactions are often the ones that are exploited.

January 9, 2026

Information Security

Five ways to comply with the Swedish Cybersecurity Act

Sweden’s Cybersecurity Act and NIS2 take effect on 15 January 2026, raising leadership accountability for cybersecurity. Here are five key actions to meet the new requirements—from governance and risk management to incident reporting and supplier control.

All blog posts

From securing code – to securing behaviour

With AI agents, we’re now moving quickly from pilots to production across business and sectors in society. And unlike task-specific automations, AI agents plan, decide, and act across multiple steps and systems on behalf of users and teams. This is not just a technical upgrade. It’s a new paradigm when it comes to security: We are no longer securing code - we need to secure behaviour.

Information Security

ISO 27017 helps reduce security risk, strengthen compliance, and streamline vendor management

Junglemap has been issued an ISO 27017 certification on cloud security. Three quick questions to Geir Aasen, Junglemap CISO, on this new ISO-certification.

Source-critical employees are increasingly important in the age of AI

In a digital world where deepfakes and AI-generated images are becoming more convincing, fake profiles can be created in minutes and algorithms reward emotional posts, our immediate reactions are often the ones that are exploited.

January 9, 2026

Information Security

Five ways to comply with the Swedish Cybersecurity Act

Sweden’s Cybersecurity Act and NIS2 take effect on 15 January 2026, raising leadership accountability for cybersecurity. Here are five key actions to meet the new requirements—from governance and risk management to incident reporting and supplier control.

November 12, 2025

How we make safety part of everyday work

Cyber threats are increasing – that's why security must become a part of everyday life. Junglemap shows how continuous learning and short NanoLearning lessons really strengthen the security culture.

November 11, 2025

Information Security

Black Friday: Scam attempts are on the rise – how to avoid being scammed

Black Friday and Cyber Monday do not only attract shoppers eager to find deals – but also scammers. A global report from security company SEON shows that online scams increased by over 400% during Black Friday in 2024.

September 29, 2025

Information Security

When cyber risk meets reality - key take aways from ECCP conference in the Phillipines

At the Risk Meets Reality cybersecurity seminar in the Philippines, Junglemap’s partner Tagore showcased how NanoLearning builds resilient security cultures.

September 24, 2025

Information Security

Cybercriminals’ Focus: People, Not Machines

Despite increasingly advanced technical defenses such as firewalls and security software, the number of data breaches continues to rise. The reason is clear: attackers are increasingly targeting us humans.

September 18, 2025

Focus on your targeted audience and their learning – some thoughts on gamification

What is gamification, really? Is it an effective way to strengthen organisational learning? And perhaps more importantly: can it help us achieve the true purpose of our information security courses – to reinforce our human firewalls?

4 security tips when working and travelling

Travelling with work? Keep data safe with four easy tips: limit what you bring, secure your devices, avoid public wifi, and stay aware of your surroundings.

Work phone for private matters – a privacy risk

Using your work phone for personal use—or your personal phone for work—can put company data at risk. Learn how to stay safe with smart habits and Junglemap’s STAR method.

Terms & conditions do matter to your security

Accepting app and website terms without checking can risk company data. Junglemap’s lessons help build smart, secure habits for everyday digital decisions.

4 security tips when working and travelling

Travelling with work? Keep data safe with four easy tips: limit what you bring, secure your devices, avoid public wifi, and stay aware of your surroundings.

Work phone for private matters – a privacy risk

Using your work phone for personal use—or your personal phone for work—can put company data at risk. Learn how to stay safe with smart habits and Junglemap’s STAR method.

Terms & conditions do matter to your security

Accepting app and website terms without checking can risk company data. Junglemap’s lessons help build smart, secure habits for everyday digital decisions.

Worcation? Don’t take a vacation from cybersecurity

Working remotely while traveling—worcation—comes with hidden cybersecurity risks. Learn how to stay secure even when you’re not in the office.

GDPR-tips 3: Avoid GDPR pitfalls by deleting old data

Keeping data too long increases risk and violates GDPR principles. Learn why data minimization and timely deletion are key to responsible handling.

GDPR applies to paper too — Not just digital data

GDPR isn’t just about digital data. Paper documents also contain personal information—and must be handled with the same care and compliance.

GDPR tip 1: Don't collect more data than necessary

Collecting only the data you truly need isn’t just good practice—it’s essential for privacy, compliance, and building trust with users.

Information Security

ISO 27017 helps reduce security risk, strengthen compliance, and streamline vendor management

Junglemap has been issued an ISO 27017 certification on cloud security. Three quick questions to Geir Aasen, Junglemap CISO, on this new ISO-certification.

January 9, 2026

Information Security

Five ways to comply with the Swedish Cybersecurity Act

Sweden’s Cybersecurity Act and NIS2 take effect on 15 January 2026, raising leadership accountability for cybersecurity. Here are five key actions to meet the new requirements—from governance and risk management to incident reporting and supplier control.

November 11, 2025

Information Security

Black Friday: Scam attempts are on the rise – how to avoid being scammed

Black Friday and Cyber Monday do not only attract shoppers eager to find deals – but also scammers. A global report from security company SEON shows that online scams increased by over 400% during Black Friday in 2024.

September 29, 2025

Information Security

When cyber risk meets reality - key take aways from ECCP conference in the Phillipines

At the Risk Meets Reality cybersecurity seminar in the Philippines, Junglemap’s partner Tagore showcased how NanoLearning builds resilient security cultures.

September 24, 2025

Information Security

Cybercriminals’ Focus: People, Not Machines

Despite increasingly advanced technical defenses such as firewalls and security software, the number of data breaches continues to rise. The reason is clear: attackers are increasingly targeting us humans.

August 30, 2024

Information Security

NIS2 is knowing what’s worth protecting

Effective NIS 2 compliance begins with identifying your critical assets. Learn why knowing what to protect is the foundation of cybersecurity.

Information Security

The food sector - what’s new with NIS2?

With a wider coverage of sectors, stricter requirements for risk management and incident reporting and more hard-hitting penalties for non-compliance, the new NIS2 directive is the most comprehensive European cybersecurity directive yet.

November 14, 2023

Information Security

NIS 2 and digital infrastructure: What’s changing

NIS 2 expands cybersecurity obligations for digital infrastructure providers. Get clear on the new rules, who’s affected, and how to comply.

November 14, 2023

Information Security

The public sector - what’s new with NIS2?

NIS 2 brings new cybersecurity duties to the public sector. Learn what’s required, who’s affected, and how to build resilience and compliance.

November 9, 2023

Information Security

The health sector - what’s new with NIS2?

Healthcare organizations face stricter cybersecurity demands under NIS 2. Understand the key changes, who’s affected, and how to stay compliant.

November 9, 2023

Information Security

The energy sector - what’s new with NIS2?

The energy sector faces new cybersecurity obligations under NIS 2. Understand the key changes, compliance demands, and how to stay ahead.

November 9, 2023

Information Security

The transport sector - what’s new with NIS2?

NIS 2 introduces stricter cybersecurity requirements for the transport sector. Learn what’s changing, who’s affected, and how to prepare.

Information Security

Beyond IT: Why managers must lead cybersecurity

Cybersecurity isn't just an IT issue. Managers must lead by example, set the tone, and drive a culture of security across the organization.

Information Security

Make awareness training part of your cyber culture

Cybersecurity isn’t just about technology—it’s about people. Awareness training is key to building a strong, resilient security culture across your organization.

Information Security

DORA: Strengthening cybersecurity in finance

The DORA regulation brings new cybersecurity requirements to the financial sector. Learn how it creates both challenges and opportunities for resilience.

Information Security

Awareness training – a key in NIS 2 compliance

Effective awareness training is essential for meeting NIS 2 requirements. It helps build a security-conscious culture and reduces human risk in your organization.

November 18, 2022

Information Security

Reversing VUCA: Finding clarity in chaos

Explores how to respond to a volatile, uncertain, complex, and ambiguous world by reversing the VUCA model—bringing vision, understanding, clarity, and agility to 2023’s challenges.

November 18, 2022

Information Security

Strengthen your STAR behavior

Discover how the STAR method helps you shift from impulsive reactions to thoughtful responses, strengthening decision-making in everyday situations.

From securing code – to securing behaviour

With AI agents, we’re now moving quickly from pilots to production across business and sectors in society. And unlike task-specific automations, AI agents plan, decide, and act across multiple steps and systems on behalf of users and teams. This is not just a technical upgrade. It’s a new paradigm when it comes to security: We are no longer securing code - we need to secure behaviour.

Source-critical employees are increasingly important in the age of AI

In a digital world where deepfakes and AI-generated images are becoming more convincing, fake profiles can be created in minutes and algorithms reward emotional posts, our immediate reactions are often the ones that are exploited.

When AI tries too hard to help

AI tools like ChatGPT are eager to assist—but sometimes too eager. Explore how overhelping can mislead, and why critical thinking still matters.

How we make safety part of everyday work

Cyber threats are increasing – that's why security must become a part of everyday life. Junglemap shows how continuous learning and short NanoLearning lessons really strengthen the security culture.

Focus on your targeted audience and their learning – some thoughts on gamification

What is gamification, really? Is it an effective way to strengthen organisational learning? And perhaps more importantly: can it help us achieve the true purpose of our information security courses – to reinforce our human firewalls?

Learning is a process – not an event

Effective learning takes time. Explore why continuous, process-based learning outperforms one-time events—and how to make it work in practice.

Consuming media is not learning

Consuming videos or content isn’t real learning. True understanding comes from reflection, repetition, and active engagement—not passive media.

Can we listen and read at the same time?

Explore the cognitive challenges of reading and listening simultaneously, presenting key research, implications for learning, and tips for effective multitasking.

Phishing training that works – what users really think

At a recent breakfast seminar at Junglemap, computer science students Henrik Enell and Robin Lekander from Linköping University shared findings from their bachelor's thesis.

Phishing simulations should build trust — Not fear

Phishing simulations are meant to educate, not punish. Learn how to build trust through training that empowers users instead of creating fear.

Phishing simulations: Don’t use real trademarks

Using real trademarks in phishing tests can backfire—legally and ethically. Learn why it's risky and how to run smarter, safer simulations.