Is phishing still a major focus at your organization?
All forms of email phishing remain the number one attack vector into an organizational infrastructure. The top priority of email phishing is account credential compromise, which is also the number one hacker method behind data breaches. The effort to educate staff and maintain staff awareness of phishing is the best security investment against data breaches.
Bad actors are getting in through phishing but there are also more aggressive attacks where they're going through security holes, etc., so, while phishing should absolutely still be a priority, understanding other potential attack vectors in your environment is critical.
I have phish testing on autopilot for the whole organization. I've taught the team to report phishing even if it's a phishing test, and I've integrated that with my security orchestration, automation, and response (SOAR) so that it will know if it's a test or a legitimate phish. And if it's a legitimate phish, then it will enrich that with indicators of compromise (IOC) data, a URL filter, and things like VirusTotal, so it will check if those things are risks. And if they are, then it will launch my incident response program.
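The triage flow described in the answer above (report comes in, decide whether it is a simulation, otherwise enrich the URLs against IOC data, a URL filter and a reputation service, and open an incident only on a hit), written out as an added example. This is not the poster's playbook or any SOAR product's code: the simulation header, the simulation domain, the IOC set, the URL-filter block list and the VirusTotal-style vote table are all constructed stand-ins for the real integrations, and the two reported emails are constructed samples.

```python
"""Triage of a user-reported email: simulation check, then IOC / URL-filter /
reputation enrichment, then an incident-response decision.
Added example; every feed and sample below is constructed."""
import email
import email.utils
import re
from dataclasses import dataclass, field
from email import policy
from urllib.parse import urlparse

# Constructed: how a hypothetical phishing-test platform marks its messages.
# In production, verify this against the platform's sending infrastructure
# (DKIM signature or source IP), since an attacker can forge a header.
SIMULATION_HEADER = "X-Phish-Test-Id"
SIMULATION_DOMAINS = {"phishtest.example"}

# Constructed stand-ins for the enrichment sources named in the post.
KNOWN_BAD_DOMAINS = {"login-micros0ft.example"}                 # IOC feed
URL_FILTER_BLOCKED = {"http://secure-docs.example/reset"}       # URL filter
REPUTATION_MALICIOUS_VOTES = {                                  # VirusTotal-style
    "login-micros0ft.example": 14,
    "secure-docs.example": 3,
    "intranet.example": 0,
}
REPUTATION_THRESHOLD = 5

URL_RE = re.compile(r"https?://[^\s<>\"']+")


@dataclass
class Verdict:
    simulation: bool
    urls: list
    hits: list = field(default_factory=list)   # (url, source) pairs

    def launch_ir(self) -> bool:
        """Open an incident only for a real phish with at least one hit."""
        return not self.simulation and bool(self.hits)


def extract_urls(msg) -> list:
    """Collect unique URLs from every text part of the message."""
    urls = []
    for part in msg.walk():
        if part.get_content_type() in ("text/plain", "text/html"):
            urls.extend(URL_RE.findall(part.get_content()))
    return sorted(set(urls))


def is_simulation(msg) -> bool:
    """A test message carries the platform header or comes from its domain."""
    if msg.get(SIMULATION_HEADER):
        return True
    sender = email.utils.parseaddr(msg.get("From", ""))[1]
    return sender.rpartition("@")[2].lower() in SIMULATION_DOMAINS


def enrich(urls) -> list:
    """Check each URL against the IOC feed, the URL filter and reputation votes."""
    hits = []
    for url in urls:
        host = (urlparse(url).hostname or "").lower()
        if host in KNOWN_BAD_DOMAINS:
            hits.append((url, "ioc-feed"))
        if url in URL_FILTER_BLOCKED:
            hits.append((url, "url-filter"))
        if REPUTATION_MALICIOUS_VOTES.get(host, 0) >= REPUTATION_THRESHOLD:
            hits.append((url, "reputation"))
    return hits


def triage(raw_message: str) -> Verdict:
    """Run the reported message through the full decision chain."""
    msg = email.message_from_string(raw_message, policy=policy.default)
    urls = extract_urls(msg)
    if is_simulation(msg):
        return Verdict(simulation=True, urls=urls)   # credit the reporter, close ticket
    return Verdict(simulation=False, urls=urls, hits=enrich(urls))


# Constructed sample reports.
REPORTED_SIMULATION = """From: IT Helpdesk <helpdesk@phishtest.example>
To: alice@corp.example
Subject: Password expiry
X-Phish-Test-Id: campaign-2024-q3
Content-Type: text/plain

Your password expires today. Reset at http://intranet.example/reset
"""

REPORTED_REAL = """From: Microsoft Support <support@login-micros0ft.example>
To: bob@corp.example
Subject: Unusual sign-in
Content-Type: text/plain

Verify your account: http://login-micros0ft.example/verify
Also see http://secure-docs.example/reset
"""

REPORTED_BENIGN = """From: newsletter@vendor.example
To: carol@corp.example
Subject: Monthly update
Content-Type: text/plain

Read more at http://intranet.example/news
"""

if __name__ == "__main__":
    for name, raw in (("simulation", REPORTED_SIMULATION),
                      ("real", REPORTED_REAL), ("benign", REPORTED_BENIGN)):
        v = triage(raw)
        print(name, "simulation=%s hits=%s launch_ir=%s" % (v.simulation, v.hits, v.launch_ir()))
```

The order matters: the simulation check runs before any enrichment so that test messages never consume reputation-lookup quota or create false incidents, and a real report with no hits is left for a human to look at rather than auto-escalated.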
Our CISO has been doing a number of training sessions for internal employees on how to be aware of ransomware, phishing, etc. People know they are not supposed to open a certain kind of email, and then they still open it. But why do we even let that email reach my inbox? What are we not doing that can prevent that? And if something happens, how do we rescue ourselves? That is where my interests lie.
I look at awareness training and all that stuff—not everybody gets A’s and that's the problem. So it makes it tough.
As a higher education institution, we have seen an uptick in email phishing scams. We have a new section in our security strategic plan that solely focuses on this issue.