Name: ISSA Thought Leadership Series: BEC Attacks – Who’s Impersonating Whom?
Start: 2020-06-17T17:00:00Z
End: 2020-06-17T17:00:59.000Z
Location: BrightTALK
Rating: 5

Proofpoint, Inc. is a leading cybersecurity and compliance company that protects organizations’ greatest assets and biggest risks: their people. With an integrated suite of cloud-based solutions, Proofpoint helps companies around the world stop targeted threats, safeguard their data, and make their users more resilient against cyber attacks. Leading organizations of all sizes, including 85 percent of the Fortune 100, rely on Proofpoint for people-centric security and compliance solutions that mitigate their most critical risks across email, the cloud, social media, and the web. 

Cybersecurity is not just about technology; it's also about the people who are impacted by it. Proofpoint’s latest 2024 State of the Phish report highlights the persistent challenge of user behavior in cybersecurity. Despite 71% of users acknowledging their risky behavior, they continue to prioritize convenience, undermining their organizations' security efforts.

Join us for a deep dive into actionable strategies that can transform cybersecurity awareness into meaningful behavior change, reducing the risk of compromise and bolstering defense measures. In this 1-hour webinar, our expert panel will unpack the State of the Phish report's findings on user behaviors and discuss tactics on influencing positive change.

We will cover these key takeaways:
- An exploration of why users knowingly engage in risky cybersecurity practices.
- Insight into the gap between user perception and professional expectations of security responsibility.
- Expert recommendations on strategies to impact positive cybersecurity behavior.
- Discussion on enhancing organizational and individual resilience against cyber threats.

The Human Element: Applying State of the Phish Insights for Behavioral Change

Business Email Compromise (BEC) isn't just about technology – it's about people. Cybercriminals exploit human trust and vulnerabilities to manipulate employees into transferring money or sensitive information. In today's evolving threat landscape, human-centric security is crucial to mitigating BEC attacks.

Join us for this 30-minute webinar to understand how attackers leverage the human element in BEC scams, and discover best practices for building a robust defense. We'll delve into:

- The human element: How attackers exploit human psychology and behavior in BEC attempts.
- Targeted attacks: Who are the most vulnerable employees, and how are they targeted?
- Building a people-centric defense: Practical strategies to empower your workforce and safeguard your organization.

The Human Factor in Business Email Compromise

Insider threats are increasing. The shift to remote and hybrid work, growth of data across multiple tools, applications, and channels, and high employee turnover puts sensitive data and systems at risk. As a result, proactively managing insider threats with visibility into user behavior is critical for today’s security teams.

Join us for this 30-minute webinar and live demo as we discuss how we think Proofpoint solutions deliver against capabilities outlined in the 2023 Gartner® Market Guide for Insider Risk Management Solutions. According to Gartner®, mandatory capabilities of enterprise IRM platforms are:

- “Orchestration with other cybersecurity tooling
- Monitoring of employee activity and assimilating into a behavior-based risk model
- Dashboarding and alerting of high-risk activity
- Orchestration and initiation of intervention workflows”

Guiding Principles for Insider Risk Management

Join us for our 10th annual State of the Phish Report webinar for an in-depth discussion on the 2024 findings and threat landscape in Europe and the Middle East, as well as changes in the security behaviors and attitudes of people.

2024 State of the Phish: A Year of Change in Europe and the Middle East

Rejoignez-nous pour notre 10e webinaire annuel "State of the Phish" pour une discussion approfondie sur les conclusions du rapport 2024, l’état du paysage des menaces en France et en Europe, ainsi que l’évolution des comportements et attitudes des personnes en matière de sécurité.

Rapport State of the Phish 2024: une année de changement en France et en Europe

Most organizations have little, if any visibility into the risk of sensitive data loss from misdirected emails, leading to negative business impacts, including significant productivity loss when unreported incidents are discovered.

Join us for a two-part webinar series as we review the rise of misdirected emails, and the negative impacts businesses face by leaving this risk vector unaddressed. We’ll dive into the multi-faceted impacts to your organization and explain how to leverage the power of artificial intelligence (AI) to stop sensitive data loss from emails being sent to wrong recipients.

Using AI to Stop Email Misdelivery and Prevent Data Loss

People’s risky behaviors enable the current threat landscape. For a long time, security professionals have relied on training to drive behavior change and to reduce people risk, but in vain. Our report indicates that over 90% of surveyed respondents bypass security knowingly. Moreover, attackers keep upping their game— we see novel attack techniques targeting people, including MFA bypass, telephone-oriented attack delivery (TOAD), QR-code phishing, and even attacks using AI-powered tools. How are your people reacting to these new types of attacks?

Join us for our 10th annual State of the Phish webinar for an in-depth look at the latest threat landscape as well as the security behaviors and attitudes of general working adults. In this 60-minute session, our experts will discuss:

- Look back at the 2023 threat landscape— what changed and what remains
- User behaviors and attitudes— discrepancies between security professionals and end users
- What organizations are doing today to drive behavior change and how to improve it
- Multi-layered approach to combat human-activated threats

2024 State of the Phish: A Year of Change

Many enterprises have embraced Data Loss Prevention (DLP) solutions in pursuit of regulatory compliance. However, these traditional tools often come with significant drawbacks, including high costs and maintenance challenges. DLP incident responders are frustrated with traditional DLP solutions due to lack of accuracy and context. Organizations are looking for solutions that go beyond traditional DLP and incorporate risk-based adaptive techniques to strengthen data security.  

Join us for this 30-minute webinar and live demo as we discuss the guiding principles for modern DLP and demonstrate how we think Proofpoint Enterprise DLP delivers on these principles:

- Visibility to risk of data loss and policy enforcement across email, endpoint, cloud, and web
- Rich context on user behavior and threats to data for a risk-based adaptive approach
- Enhanced content inspection with AI-generated data classifiers
- Centralized console and reporting for DLP and insider risk management

Guiding Principles for a Modern DLP Solution

In an era where cyber threats loom, healthcare organizations face increasingly sophisticated attacks targeting their people and data. Ransomware attacks, phishing, and imposter emails pose grave risks, often exploiting human vulnerabilities through targeted social engineering tactics. Understanding these evolving threats is paramount to building a strong security posture.

Join us for a live 30-minute threat briefing hosted by VP, Industry Solutions, Ryan Witt. This session will unveil crucial threat intelligence research tailored to aid healthcare organizations in comprehending and combatting advanced cyber assaults. We will share:
- Prevalent cyber-attacks impacting the healthcare industry
- Which medical departments are most targeted
- Best practices for bolstering cybersecurity defenses

Protecting Healthcare Organizations in 2024

Phishing isn’t just about clumsy emails from far-away princes needing your help to unlock their fortune! It’s a sophisticated game played by cybercriminals who’ve mastered the art of deception. Join our cybersecurity experts as they uncover with real examples the 14 most cunning types of phishing attacks that threaten organisations in EMEA:

* BEC (Business Email Compromise): the silent assassin that infiltrates your inbox, masquerading as a trusted colleague or executive. Learn how to spot the wolf in sheep’s clothing.
* Smishing (SMS Phishing): discover how cyber crooks manipulate your phone to steal your secrets.
* TOAD Attacks (Telephone-Oriented Attack Delivery): ever felt like your device had a mind of its own? We’ll expose the dark magic behind TOAD attacks.
* Spear Phishing: the personalised strike! Understand how cyber adversaries tailor their bait just for you.
…and 10 more!

Unlock the secrets of phishing defence. Join us on this exclusive webinar.

14 Types of Phish and How to Defend Against Them

Phishing isn’t just about clumsy emails from far-away princes needing your help to unlock their fortune! It’s a sophisticated game played by cybercriminals who’ve mastered the art of deception. Join our cybersecurity experts as they uncover with real examples the 14 most cunning types of phishing attacks that threaten organisations in EMEA:

* BEC (Business Email Compromise): the silent assassin that infiltrates your inbox, masquerading as a trusted colleague or executive. Learn how to spot the wolf in sheep’s clothing.
* Smishing (SMS Phishing): discover how cyber crooks manipulate your phone to steal your secrets.
* TOAD Attacks (Telephone-Oriented Attack Delivery): ever felt like your device had a mind of its own? We’ll expose the dark magic behind TOAD attacks.
* Spear Phishing: the personalised strike! Understand how cyber adversaries tailor their bait just for you.

…and 10 more!

Unlock the secrets of phishing defence. Join us on this exclusive webinar.

As organizations are struggling with search performance issues and administrative overhead, many are migrating from legacy on-prem archives or even modern cloud-based solutions to intelligent compliance platforms. We are now uncovering new insights from customers after they’ve deployed to a new system and are extrapolating best practices to ensure your organization can have a seamless migration.

Join us for this 30-minute webinar. You will learn:
- How search performance and scalability stand out as marquee statistics
- What e-discovery statistics support earlier Enterprise Strategy Group research predicting the need for increased litigation readiness
- What potential trends can be tracked with export statistics over time
- What recent, anonymous Gartner Peer Insights tell us about customer experience

Solving Common Archiving Challenges: Insights from Anonymous Customer Data

Every year, Proofpoint's threat experts examine trends from the prior year and anticipate changes in the threat landscape for the year ahead. For 2024, some of the top concerns include the rise of offensive AI, maturing toolsets that make it easier for threat actors to attack a range of new industries, and continued attacks against identities and privileges.

In this 1-hour session, Proofpoint’s experts will dive into cybersecurity threats to look out for in 2024. You will learn how to prepare and protect your most valuable assets: your people and your data. We'll cover:
- The evolution of the threat landscape and predictions for 2024
- Key actions you can take to protect your organization through every stage of the attack chain
- Top resources to help strengthen your security posture

2024 Threat Landscape: How to Prepare for the Year Ahead

In 2023, organizations wrestled with macro-economic uncertainty and geopolitical tensions, but one thing remained constant – the aggressive growth of email-based attacks. Organizations dealt with more sophisticated email threats, such as business email compromise (BEC), advanced phishing, and account takeover, that continued to wreak havoc on their native email defenses, including Microsoft 365. Organizations needs more powerful insights to detect and stop these advanced threats.

Watch this 60-minute webinar with S&P Analyst, Mark Ehr and Proofpoint’s Product Marketing Director, Tim Bedard. Learn how to break the attack chain and stop advanced email attacks. In this session, we will discuss:
- The top five email security takeaways in 2023
- Top three email security predictions and real-world examples for 2024
- Why analysts recommend augmenting native Microsoft 365 capabilities
- Key areas you need to augment in your Microsoft 365 security and best practices for strengthening your environment

The State of Email Security: What You Need to Know Now and in 2024

To protect users from email fraud, Google, Yahoo and Apple are implementing new rules that could block all unauthenticated customer emails from the inbox or send them directly to the SPAM folder.
 
The requirements will take effect as early as February 2024. Are you ready? 
 
Join Proofpoint and ISC2 on February 8, 2024 at 1:00 p.m. Eastern/10:00 a.m. Pacific to learn how to meet the new email authentication requirements, ensure the deliverability of your critical emails, and safeguard your brand and your business from email fraud.

Prepare for the E-pocalypse: New Email Authentication Rules

Organizations frequently encounter substantial gaps in security between preventive Identity Access Management (IAM) controls and general-purpose detection and response (D&R) systems. These gaps become apparent post initial compromise, in the middle of the attack chain, where adept attackers showcase their abilities to move laterally and escalate privileges en route to the organization's critical assets. As a solution, identity threat detection and response (ITDR) systems have gained prominence to address and mitigate these vulnerabilities in identity security.

Join us for this 45-minute webinar. You will learn:
- How and why attackers have shifted their tactics to focus on vulnerable identities versus vulnerable systems
- Where gaps exist between IAM controls, D&R systems and attacker tools
- What ITDR systems do and how they complement existing security controls

The Rise of Identity Threat Detection and Response Systems

The 2019 HMSS Cybersecurity Survey indicated that email is the initial point of compromise for healthcare cyber-attacks, with Business Email Compromise (BEC) becoming the favored tactic by cybercriminals. Because BEC emails do not carry malicious payload and are narrowly targeted, it’s difficult for health institutions to detect these attacks. With overall losses of more than $1.7 billion in 2019, BEC attacks are quickly becoming a significant headache for healthcare CISOs. Join us for a deep dive into the dos and don’ts when it comes to BEC, and best practices to mitigate against risk of this vital attack vector.

ISSA Thought Leadership Series: BEC Attacks – Who’s Impersonating Whom?

BEC Attack

hmss

Hackers

Email Security

Cyber Security

Cyber Attacks

Cyber Crime

Health IT

protect #1 threat vector

Welcome to the mobile computing community on BrightTALK! With the consumerization of IT and the widespread adoption of mobile devices across the globe, mobile computing has become an important part of many people's lives in a culture of bring your own device (BYOD). With mobile devices doubling as work phones and more employees working from home, businesses need to provide secure access to data and work applications from anywhere at any time. Join this growing community and hear from industry thought leaders in webinars and videos as they share their insight on mobile computing research and trends.

Mobile Computing

Cloud computing has exploded over the past few years, delivering a previously unimagined level of workplace mobility and flexibility. The cloud computing community on BrightTALK is made up of thousands of engaged professionals learning from the latest cloud computing research and resources. Join the community to expand your cloud computing knowledge and have your questions answered in live sessions with industry experts and vendor representatives.

Cloud Computing

The IT security community on BrightTALK is composed of more than 200,000 IT security professionals trading relevant information on software assurance, network security and mobile security. Join the conversation by watching on-demand and live information security webinars and asking questions of experts and industry leaders.

IT Security

Increasing expectations for good governance, effective risk management and complex demands for corporate compliance are presenting a growing challenge for organizations of all sizes. Join industry thought leaders as they provide you with practical advice on how to implement successful risk and compliance management strategies across your organization. Browse risk management resources in the form of interactive webinars and videos and ask questions of expert GRC professionals.

IT Governance, Risk and Compliance

The unexpected nature of natural disasters and other disruptive events means that preparation is key to managing disaster recovery and business continuity planning. Join the business continuity and disaster recovery community for live and recorded presentations discussing best practices for business continuity planning, disaster recovery programs and business continuity management. Learn from BCDR experts to develop your critical infrastructure and gain insight into tactical solutions to your BCDR issues.

Business Continuity / Disaster Recovery

As an IT professional, many of the problems you face are multifaceted, complex and don’t lend themselves to simple solutions. The information technology community features useful and free information technology resources. Join to browse thousands of videos and webinars on ITIL best practices, IT security strategy and more presented by leading CTOs, CIOs and other technology experts.

Information Technology

Thousands of healthcare IT professionals compose the health IT community on BrightTALK. Learn alongside them with relevant webinars on healthcare IT compliance, big data in healthcare and IT solutions for healthcare organizations. Join the conversation by asking questions and engaging with other participants during live webinars and organized discussions.

ISSA Thought Leadership Series: BEC Attacks – Who’s Impersonating Whom?

Presented by

About this talk

More from this channel