Hi [[ session.user.profile.firstName ]]


  • Date
  • Rating
  • Views
  • On The Air: 2019 Cyberthreat User Prep Guide
    On The Air: 2019 Cyberthreat User Prep Guide
    Roger Grimes, Justin Ong, Dave Tutweiler Recorded: Dec 13 2018 63 mins
    2019 promises to be the biggest year yet when it comes to not only the sheer volume of cyberthreats but also the new ways your users may be targeted. How prepared are YOUR users in standing up to them?

    On this episode of On the Air, we’ll talk about the top threats your users will be facing in 2019 and the training and testing you’ll need to deliver to make sure they’re ready for them. We’ll be talking with IT pros from the Spiceworks Community as well as an expert from KnowBe4.

    Here’s what we’ll discuss:
    - Cryptojacking, vishing, and other big threats to watch out for in 2019
    - Training and testing your users across multiple attack vectors, like email phishing and social engineering
    - How to set up honeypots and other low-cost proactive measures
  • The Pesky Password Problem: How Hackers and Defenders Battle For Network Control
    The Pesky Password Problem: How Hackers and Defenders Battle For Network Control
    Kevin Mitnick, Roger Grimes, Perry Carpenter Recorded: Dec 4 2018 66 mins
    What really makes a “strong” password? And why are your end-users tortured with them in the first place? How do hackers crack your passwords with ease? And what can/should you do about your authentication methods?

    In this unique webinar, you will learn about the recent NIST controversy and related password cracking problems. The “combatants” will be on the one side KnowBe4's Chief Hacking Officer, Kevin Mitnick with decades of first-hand “red-side” penetration testing experience, and on the other side, Roger Grimes, KnowBe4's Data-Driven Defense Evangelist with decades of experience on the blue team. The referee will be Perry Carpenter, KnowBe4's Chief Evangelist and Strategy Officer.

    They will provide an in-the-trenches view of authentication hacking, so that you get some insights about the truth of the effectiveness of passwords, various password management guidelines, and even stronger authentication systems using multiple factors.
  • The Real World: Security Awareness Training
    The Real World: Security Awareness Training
    Erich Kron, Justin Ong, Tory Dombrowski, Robyn Edwards Recorded: Nov 30 2018 44 mins
    This is the true story of two IT pros who got sick of their users clicking on everything and wanted to teach them a lesson… in a good way. Find out what happens, when people stop being polite, and start getting real. The Real World: Security Awareness Training!

    In this webinar we talk to two IT pros from the Spiceworks Community about their experiences and lessons learned in designing and delivering a security awareness training plan to their users.

    What we're discussing:
    - Designing a program specific to your industry and organization
    - Managing Up: best practices for training executives and other higher ups
    - How to deal with problematic users and repeat offenders
  • The training field: Create a human firewall with security awareness training
    The training field: Create a human firewall with security awareness training
    Erich Kron, Stephen Lawton Recorded: Nov 6 2018 33 mins
    So many of today’s cyberattacks are based on tried and true methods of social engineering, many dating back as much as 30 years. But attacking a victim’s machine for the sole purpose of mining cryptocurrency, installing ransomware or otherwise monetizing your network really is a 21st Century breach.

    The problems, of course, are still the same: loss of productivity, potential data loss, and quite frankly, who wants a criminal mucking around in your network?

    This webcast looks at how companies can train their staffs — and senior management — to recognize a potential phishing, visihing, smishing or other attacks, as well as techniques security teams can use to test their staffs on how well they understand the training they’ve received.
  • Understanding and Preventing the Latest Social Engineering Attacks
    Understanding and Preventing the Latest Social Engineering Attacks
    Erich Kron, Tim Wilson (Dark Reading), Chris Hadnagy, Ryan MacDougall Recorded: Nov 3 2018 63 mins
    While hackers and cyber attackers are continually developing more sophisticated methods for penetrating enterprise systems, most of their exploits begin with a simple step: fooling users into breaking security policy. These "social engineering" attacks – including phishing, social networking scams, and online "watering holes" – are designed to trick your users into giving up their passwords or opening email attachments that contain malware. But how can enterprises prevent this sort of attack? Can users be trained to recognize such exploits and avoid them? In this webcast, experts discuss the most effective methods of defending against social engineering attacks.
  • Cryptomining, A New Major Headache With Hidden Risks
    Cryptomining, A New Major Headache With Hidden Risks
    Erich Kron Recorded: Oct 23 2018 56 mins
    Cryptomining infections are growing exponentially this year. Bad guys are hijacking your network processing power to steal your workstation and server resources. They are using various families of malware trying to stay under your radar.

    Trying to maximize their criminal profits, they now infiltrate your network and use malicious code to determine the most lucrative attack–cryptomining or ransomware–making these attacks more dangerous than ever. To add insult to injury, they often leave whole libraries of hacking tools and backdoors behind.

    Join Erich Kron, KnowBe4's Security Awareness Advocate, and learn more about the combined Ransomware / Cryptomining threat along with real-world examples of how criminals attack your users and network through innovative and devious tactics.

    You’ll learn about:

    - Cryptomining and what the real danger is to you
    - The combined cryptomining / ransomware threat
    - How this type of malware spreads
    - What you can do to protect your network
  • Kevin Mitnick Hacks LinkedIn Two-Factor Authentication
    Kevin Mitnick Hacks LinkedIn Two-Factor Authentication
    Kevin Mitnick Recorded: Oct 19 2018 7 mins
    KnowBe4's Chief Hacking Officer, Kevin Mitnick, shows a two-factor authentication exploit based on a credentials phishing attack using a typo-squatting domain. Once the user falls for this social engineering tactic and enters their credentials, the 2FA token gets intercepted and it's trivial to hack into the LinkedIn account.
  • The Quantum Computing Break is Coming. Will You Be Ready?
    The Quantum Computing Break is Coming. Will You Be Ready?
    Roger Grimes, Data-Driven Defense Evangelist Recorded: Sep 26 2018 62 mins
    Quantum computing is a game-changer and will have a huge impact on the way we do business, safeguard data, explore space, and even predict weather events. Yet, some experts say in the not so distant future quantum computers will break existing public key cryptography forever.

    On that digital day of reckoning, every stored secret protected by traditional public key crypto will be broken forever; including TLS, digital certificates, PKI, SSH, RSA, most wireless networks, VPNs, online financial transactions, and even bitcoin and blockchain. All of it made worthless in a second…

    The bad guys will be able to use more secrets against you than ever before, especially in increasingly sophisticated spear-phishing attacks. Attend this exclusive event to learn what you can do to prepare.

    •Why quantum computing is different than traditional binary computing
    •How close quantum computers are to breaking traditional public key cryptography
    •What defenses you can deploy after public key cryptography is broken
    •How to prepare your users - your best, last line of defense

    The quantum computing break is coming. Will you be ready?
  • CEO Fraud: The Latest Business Email Compromise Scams
    CEO Fraud: The Latest Business Email Compromise Scams
    David Littman, Erich Kron Recorded: Sep 24 2018 63 mins
    The bad guys are getting very creative, impersonating an executive in your organization and asking for financial reports or they ask employees in payroll to make changes to bank accounts. According to the FBI, their efforts have earned them an estimated $12 billion through Business Email Compromise also know as CEO fraud scams. And to make things worse, these attackers can be working on multiple potential victims at the same time.

    In the event you'll learn:

    ~ The truth about Business Email Compromise

    ~ How to defend against these attacks using technical and non-technical controls

    ~ Why building a human firewall is your best layer of defense

    Invoice fraud, escrow redirection, payroll fraud, and simple wire transfer fraud are all tools in the attacker's arsenal. Defending against these types of phishing attacks is possible by layering technical and non-technical controls.

    Watch this on-demand webinar, as we take an in-depth look at how the latest attacks work and the psychology and mechanics behind them. We also discuss defensive measures you can take now to defend your organization against these attacks.
  • Exclusive Look: CSO's 2018 US State of Cybercrime Survey
    Exclusive Look: CSO's 2018 US State of Cybercrime Survey
    Bob Bragdon, Perry Carpenter, Randy Trzeciak, Christopher Leone Recorded: Sep 21 2018 45 mins
    Get an exclusive look into the results of the CSO 2018 US State of Cybercrime survey, with moderator Bob Bragdon, SVP and Publisher of CSOonline.com. Join Bob and guests from the U.S. Secret Service, the Software Engineering Institute at Carnegie Mellon University, and and KnowBe4, a leading security awareness training and simulated phishing provider. This lively and revealing discussion examines the latest 2018 cybercrime findings, including: the number of security events, major causes, and their impact; what CIOs and CSOs can do to better secure their organizations; and a close-up look at the state of security awareness training.

Embed in website or blog