Hi [[ session.user.profile.firstName ]]

How to Prevent 81% of Phishing Attacks from Sailing into Your Inbox with DMARC

Only ~20% of companies use DMARC, SPF, and DKIM, global anti-domain-spoofing standards, which could significantly cut down on phishing attacks. But even when they are enabled and your domain is more secure, 81% of phishing attacks still continue to sail right through to the end-user.

In this special National Cybersecurity Awareness Month edition of Spiceworks' On The Air, Roger Grimes, KnowBe4’s Data-Driven Defense Evangelist, discusses how to enable DMARC, SPF, DKIM the right way! Learn the six reasons why phishing still might get through to your inbox and what you can do to maximize your defenses and enable your human firewall.

Here’s what we’ll discuss:


How to enable DMARC, SPF, and DKIM

Common configuration mistakes

How to best configure DMARC and other defenses to fight phishing

Techniques to empower your users to identify and avoid phishing attempts that make it through your surface-level defense
Recorded Oct 11 2019 60 mins
Your place is confirmed,
we'll send you email reminders
Presented by
Roger Grimes, Justin Ong
Presentation preview: How to Prevent 81% of Phishing Attacks from Sailing into Your Inbox with DMARC

Network with like-minded attendees

  • [[ session.user.profile.displayName ]]
    Add a photo
    • [[ session.user.profile.displayName ]]
    • [[ session.user.profile.jobTitle ]]
    • [[ session.user.profile.companyName ]]
    • [[ userProfileTemplateHelper.getLocation(session.user.profile) ]]
  • [[ card.displayName ]]
    • [[ card.displayName ]]
    • [[ card.jobTitle ]]
    • [[ card.companyName ]]
    • [[ userProfileTemplateHelper.getLocation(card) ]]
  • Channel
  • Channel profile
  • Cyber CSI: Learn How to Forensically Examine Phishing Emails Mar 5 2020 6:00 pm UTC 59 mins
    Roger Grimes
    Cyber crime has become an arms race where the bad guys constantly evolve their attacks while you, the vigilant defender, must diligently expand your know how to prevent intrusions into your network. Staying a step ahead may even involve becoming your own cyber crime investigator, forensically examining actual phishing emails to determine the who, the where, and the how.

    In this webinar, Roger Grimes, KnowBe4’s Data-Driven Defense Evangelist, will show you how to become a digital private investigator!
    You’ll learn:

    - How to forensically examine phishing emails and identify other types of social engineering
    - What forensic tools and techniques you can use right now
    - How to investigate rogue smishing, vishing, and social media phishes
    - How to enable your users to spot suspicious emails sent to your organization 
    - Get inside the mind of the hacker, learn their techniques, and how to spot phishing attempts before it’s too late!
  • Addressing the Challenge of Third-Party Vendor Risk: Securing Your Supply Chain Recorded: Feb 26 2020 59 mins
    James McQuiggan
    Your customer data, intellectual property, and financials are the lifeblood of your organization. If lost or leaked, there could be significant implications to the viability of your business. Maintaining control of that data, especially with third-party services, can be extremely challenging and requires that you ask the right questions and enforce stringent security policies.

    In an environment of increased outsourcing, cloud computing adoption, and regulatory requirements, how do you manage vendor risk and ensure you have a consistent evaluation life cycle

    Join James McQuiggan, KnowBe4's Security Awareness Advocate, to get actionable steps you can use now to better manage your third-party vendor risk. You'll learn:

    The importance of securing your organization's critical data
    How to determine Supplier Security Proficiency
    Why it’s important to understand the source of third-party products
    The impact Vendor Questionnaires have on your Security Posture
    How leveraging a GRC platform can ease the burden of risk assessments and audits
  • Now That Ransomware Has Gone Nuclear, How Can You Avoid Becoming the Next Victim Recorded: Feb 24 2020 58 mins
    Roger Grimes, David Littman
    There is a reason more than half of today’s ransomware victims end up paying the ransom. Cyber-criminals have become thoughtful; taking time to maximize your organization’s potential damage and their payoff. After achieving root access, the bad guys explore your network reading email, finding data troves and once they know you, they craft a plan to cause the most panic, pain, and operational disruption. Ransomware has gone nuclear.

    Join Roger Grimes, KnowBe4’s Data-Driven Defense Evangelist, and TruthInIT's David Littman as they dive into:

    Why data backups (even offline backups) won’t save you
    Evolved threats from data-theft, credential leaks, and corporate impersonation
    Why ransomware isn’t your real problem
    How your end users can become your best, last line of
    defense
  • The Many Ways to Hack Multi-Factor Authentication Recorded: Feb 19 2020 62 mins
    Roger Grimes, David Littman
    Everyone knows that multi-factor authentication (MFA) is more secure than a simple login name and password, but too many people think that MFA is a perfect, unhackable solution. It isn't!

    Join Roger A. Grimes, KnowBe4's Data-Driven Defense Evangelist, a security expert with over 30-years experience, and David Littman of TruthInIT for this video webinar where they will explore 12 ways hackers can and do get around your favorite MFA solution.

    The on-demand webinar includes a (pre-filmed) hacking demo by KnowBe4's Chief Hacking Officer Kevin Mitnick, and real-life successful examples of every attack type. It will end by telling you how to better defend your MFA solution so that you get maximum benefit and security.

    You'll learn about the good and bad of MFA, and become a better computer security defender in the process, including:

    - 12 ways hackers get around multi-factor authentication
    - How to defend your multi-factor authentication solution
    - The role humans play in a blended-defense strategy
  • Why It's Time for to Start Leveraging a Security Awareness Training Vendor Recorded: Feb 14 2020 33 mins
    Perry Carpenter, Joanna Huisman
    You know that Security Awareness Training (SAT) is a critical step in managing the ongoing problem of social engineering. It may be a compliance requirement your organization needs to meet but a comprehensive SAT program can do much more for you than check the box. Creating and implementing an effective program can seem daunting for someone with a million plates in the air (a.k.a. YOU!) but with the help of a vendor that specializes in a new-school approach to training and testing, you can create a security culture that saves you time, money and headaches.

    Listen to this on-demand webinar as KnowBe4’s Perry Carpenter, Chief Evangelist and Strategy Officer, and Joanna Huisman, SVP of Strategic Insights and Research, discuss:

    •The benefits of partnering with an experienced provider
    •The critical importance of integrated reporting
    •What to look for as you evaluate Security Awareness Training vendors
    You don’t have to go it alone. Learn how you can leverage new-school Security Awareness Training to enable your users to make smarter security decisions, every day.
  • Now That Ransomware Has Gone Nuclear, How Can You Avoid Becoming the Next Victim Recorded: Feb 4 2020 58 mins
    Roger Grimes
    There is a reason more than half of today’s ransomware victims end up paying the ransom. Cyber-criminals have become thoughtful; taking time to maximize your organization’s potential damage and their payoff.

    After achieving root access, the bad guys explore your network reading email, finding data troves and once they know you, they craft a plan to cause the most panic, pain, and operational disruption. Ransomware has gone nuclear.

    Join us for this webinar where, Roger Grimes, KnowBe4’s Data-Driven Defense Evangelist, dives into:

    - Why data backups (even offline backups) won’t save you
    - Evolved threats from data-theft, credential leaks, and corporate impersonation
    - Why ransomware isn’t your real problem
    - How your end users can become your best, last line of defense
  • How to Prevent 81% of Phishing Attacks from Sailing into Your Inbox with DMARC Recorded: Feb 3 2020 59 mins
    Roger Grimes, David Littman
    Only ~20% of companies use DMARC, SPF, and DKIM, global anti-domain-spoofing standards, which could significantly cut down on phishing attacks. But even when they are enabled and your domain is more secure, 81% of phishing attacks still continue to sail right through to the end-user.

    In this webinar, Roger Grimes, KnowBe4’s Data-Driven Defense Evangelist, and David Littman of TruthInIT will teach you how to enable DMARC, SPF, DKIM the right way! Then, learn the six reasons why phishing still might get through to your inbox and what you can do to maximize your defenses. You'll learn:

    - How to enable DMARC, SPF, and DKIM
    - Common configuration mistakes
    - How to best configure DMARC and other defenses to fight phishing
    - Techniques to empower your users to identify and avoid phishing attempts that make it through your surface-level defense
  • Lower Your Business Risk with Best Practice Data Privacy Impact Assessments Recorded: Jan 28 2020 45 mins
    Lecio DePaula Jr.
    Whether you're creating a new product, going through a merger & acquisitions, or significantly changing a process in your organization, new processing activities can present high risk to your organization. As we can see from Marriott’s acquisition of Starwood, not undergoing a full security and privacy assessment can present huge problems for your organization and now Marriott faces a $123.6 million dollar fine due to lack of due diligence.

    One way to reduce risks and identify security/privacy risk is to conduct a data protection impact assessment. Not only will this assessment help you reduce business risk, but it also helps identify new processes in your organization to maintain compliance with GDPR, LGPD, CCPA and other global privacy laws.

    Join Lecio DePaula Jr., KnowBe4’s Data Privacy Director, for this webinar to hear about creating a robust data protection impact assessment to analyze new processes, workflows, and products to identify problems before they happen.

    In this webinar you’ll learn:

    - Best practices for conducting a robust DPIA
    - The privacy and security risks of M&A, creating new software products, other initiatives
    - How conducting a DPIA aligns with global privacy requirements
    - Common DPIA mistakes and how to avoid them
    - Tools that help manage and streamline your DPIA process
  • Empowering Your Human Firewall: The Art and Science of Secure Behavior Recorded: Jan 23 2020 61 mins
    Perry Carpenter, David Littman
    You know that "security awareness" is key to a comprehensive security strategy. But just because someone is aware doesn't mean they care. So how can you design programs that work with, rather than against, human nature? Here's the great news. Creating a security awareness strategy that not only educates, but reinforces good behaviors can be achieved and we'll show you how.

    In this webinar, Perry Carpenter, Chief Evangelist and Strategy Officer for KnowBe4, and David Littman of TruthInIT unpack a number of key elements from his new book Transformational Security Awareness. What Neuroscientists, Storytellers, and Marketers can Teach Us About Driving Secure Behaviors. Drawn from his experience as an awareness practitioner, CISO mentor, researcher, and author, Perry will dive into ideas like how to use "Trojan Horses for the Mind," how to leverage social dynamics to drive behavior and shape culture, and will unveil some exciting new behavior models that will help you stop the bad guys in their tracks.

    This presentation will take a deep (and practical) dive into:

    · How to understand and design for behavioral segments
    · How to successfully debug bad behaviors
    · How to influence motivation in three different ways
    · And why it is important to live your awareness program through the eyes of your audience
  • What Most Computer Security Defenses are Doing Wrong, and How to Fix It Recorded: Jan 23 2020 55 mins
    Roger Grimes, David Littman
    Most companies have huge gaps in their computer security defenses and can be compromised at will by a determined hacker. The industry even has a term for it: “Assume Breach”.

    But it doesn’t have to be that way!

    Join Roger A. Grimes, KnowBe4's Data-Driven Defense Evangelist, and David Littman of TruthInIT for this webinar where he explores the latest research on what’s wrong with current network defenses and how they got this way. Roger will teach you what most organizations are doing wrong, why, and how to fix it. You’ll leave this webinar with a fresh perspective and an action plan to improve the efficiency and effectiveness of your current computer security defenses.

    Roger will teach you:

    · What most companies are doing wrong, why, and how to fix it
    · An action plan to improve the effectiveness of your computer security defenses
    · How to create your “human firewall”
  • The Effects of Ransomware Don’t End with the Ransom for Healthcare Organizations Recorded: Jan 22 2020 60 mins
    James McQuiggan, John Riggi
    Ransomware is back with a vengeance, impacting healthcare organizations like yours around the globe. While it appeared ransomware cases might be decreasing for a brief time, these incidents rose dramatically over the past year. This increase in malicious activity has serious business ramifications — from increasing downtime to causing revenue loss. Ransomware attacks also can impact an organization's' ability to treat patients.

    In this webinar, the American Hospital Association’s Senior Advisor for Cybersecurity and Risk will share an overview of cybersecurity. KnowBe4’s James McQuiggan will cover some of the emerging trends in ransomware. You’ll learn about the recent highly targeted attack vectors and what you can do to prepare before an attack.

    Attendees Will Learn:
    - The new ways offenders are using ransomware to take control of your network.
    - Best practices for defending against and recovering from ransomware attacks.
    - How to detect potentially threatening phishing and social engineering emails.
    - Actionable steps to take if your organization does become a victim.
    - How to create a “human firewall.”
  • Spotting and Defending Against Common Business Email Compromise Tax Scams Recorded: Jan 17 2020 49 mins
    Erich Kron, James McQuiggan
    Tax season is upon us, which makes this prime time for hackers to target your unsuspecting users with the latest Business Email Compromise (BEC) scams. From evolved W2 fraud to tax-related spear phishing, cybercriminals capitalize on the first quarter of each new year with smarter, craftier attacks designed to convince your users to provide confidential information, authorize wire transfers, or enable malicious files.

    In this webinar Erich Kron and James McQuiggan, KnowBe4 Security Awareness Advocates, discuss the new types of BEC scams you can expect to see, what your users should be on alert for this tax season, and how to protect your organization from these evolved threats.

    You will learn:
    - Real-world examples of the latest BEC attacks
    - Common targets within your organization and techniques used to trick them
    - Red flags your users need to know now to spot BEC attacks
    - How to educate your organization so you don’t fall victim

    Don't let your organization become a statistic this tax season! Join our experts to find out how to stop the bad guys before it's too late.
  • Ransomware Hostage Rescue Manual Recorded: Jan 16 2020 55 mins
    Erich Kron, David Littman
    It is estimated that a business falls victim to a ransomware attack every 40 seconds, adding up to a projected $11.5 billion in damages for this year. As ransomware attacks become more targeted and damaging, your organization faces increased risk that can have your networks down for days or even weeks.

    So, how can your organization avoid getting held hostage? Join us and Erich Kron CISSP, Security Awareness Advocate at KnowBe4 we look at scary features of new ransomware strains, give actionable info that you need to prevent infections, and provide tips on what to do when you are hit with ransomware.
  • Find Out the Top 9 IT Security Trends You Need to Watch Out for in 2020 Recorded: Jan 14 2020 22 mins
    Roger Grimes, Erich Kron, Javvad Malik
    Cyber security and security awareness landscapes are constantly changing. IT Professionals, like you, always need to know what is coming next in order to build (and maintain) effective security cultures and programs at your organization. Policy changes, evolving technologies, and even world events all play a part in attack vectors and how you respond to threats.

    To help you master the challenges ahead, KnowBe4 Evangelists, Roger Grimes, Javvad Malik and Erich Kron, share their top predictions for the coming year and discuss where the future of security awareness is heading in 2020.

    You'll want to watch this video to see their predictions for:

    •The future of privacy and data protection policies around the world
    •Changes to voting procedures and factors impacting election security
    •How the Internet of Everything and evolved spear phishing will make spotting attacks even harder
    •How you can prepare your users now to identify the threats of tomorrow

    Don’t get caught by surprise - watch their predictions now!
  • Open Source Intelligence (OSINT): Hacking Sources Data Sources That Bad Guys Use Recorded: Jan 10 2020 70 mins
    Kevin Mitnick, Perry Carpenter
    Ever wonder how hackers, spies, and con-artists gather such detailed and convincing intel on their targets? Kevin Mitnick, the world's most famous hacker and KnowBe4's Chief Hacking Officer, knows.

    The truth is that it is shockingly easy to gather detailed intelligence on individuals and organizations. Everything the bad guys need to specifically target your end users is out there for the taking. Banking and credit card accounts, driver's license numbers, geolocation details and even IT secrets can be found easily and through public resources! There’s even a name for it: Open Source Intelligence (OSINT).

    In this mind-blowing webinar, Kevin and Perry Carpenter, KnowBe4's Chief Evangelist and Strategy Officer, give you an inside look into some of Kevin’s most prized, underground OSINT secrets and how the bad guys use those techniques to target your users and your organizations.

    Find out what to watch out for and learn how to strengthen your end-user “human firewall” against OSINT-fueled attacks before it's too late!
  • Hacking Your Organization: 7 Steps Bad Guys Use to Take Control of Your Network Recorded: Jan 9 2020 60 mins
    Roger Grimes, David Littman
    The scary fact is that human error is a contributing factor in more than 90% of breaches. With so many technical controls in place hackers are still getting through to your end users, making them your last line of defense. How are they so easily manipulated into giving the bad guys what they want? Well, hackers are crafty. And the best way to beat them is to understand the way they work.

    In this webinar Roger Grimes, KnowBe4’s Data-Driven Defense Evangelist, will take you through the "Cyber Kill Chain" in detail to show you how a single email slip up can lead to the total takeover of your network.

    Roger will show you:

    - How detailed data is harvested using public databases and surprising techniques
    - Tricks used to craft a compelling social engineering attack that your users WILL click
    - Cunning ways hackers deliver malicious code to take control of an endpoint
    - Taking over your domain controller and subsequently your entire network

    But not all hope is lost. Roger will also share actionable strategies you can put in place now to greatly reduce your risk. Find out how to protect your organization before it's too late.
  • Is Your Traditional Security Stack Giving You A False Sense of Security? Recorded: Jan 7 2020 61 mins
    Kevin Mitnick, Perry Carpenter
    Endpoint security, firewalls, VPNs, authentication systems… we’ve all got them. But do they really provide the comprehensive level of security your organization needs to keep the bad guys out? The unfortunate reality is that each of these security layers can provide hackers with a back-door right into your organization. And we're going to show you how.

    In this exclusive webinar Kevin Mitnick, the World's Most Famous Hacker and KnowBe4's Chief Hacking Officer, and Perry Carpenter, KnowBe4's Chief Evangelist and Strategy Officer, show you shocking examples of significant vulnerabilities that social engineers and hackers use to circumvent these traditional security layers.

    There is no need for a false sense of security. Better defend your network by learning:

    - The 3 most common causes of data breaches
    - Significant vulnerabilities recently discovered in common technologies
    - Kevin’s top tips for security defenders
    - Why security awareness training is a security layer you can’t afford to skip

    Kevin shares new hacking demos that will scare the daylights out of you.  Find out how to mitigate these risks before it’s too late!
  • Critical Considerations When Choosing Your Security Awareness Vendor Recorded: Jan 7 2020 58 mins
    Perry Carpenter
    It’s become more and more evident to organizations that new-school security awareness training is an absolute requirement for managing the ongoing problem of social engineering. But how do you develop a program that will deliver the goods without doubling your workload or costing an arm and a leg?

    In this on-demand webinar Perry Carpenter, KnowBe4’s Chief Evangelist and Strategy Officer and former Gartner Analyst, steps you through key measures that will help you make an informed security awareness decision for your organization.

    You’ll gain insight into:

    - Critical components to make your program successful from the start
    - Features to look for that will ease implementation and ongoing management
    - How to create a process to demonstrate measurable success

    Find out now how you can not only check the box on security awareness training, but develop sustainable, meaningful change in your organization's security posture.
  • How to Gain and Maintain Executive Support for Security Awareness Training Recorded: Dec 23 2019 39 mins
    Perry Carpenter
    You know that having a healthy and functioning security awareness culture within your organization is key to avoiding a costly data breach. Your employees are your last line of defense against phishing attacks and keeping them on their toes and aware of the latest threats is critical. However, getting buy-in from executives to start, and more importantly, maintain a new-school security awareness program can prove to be a challenge.

    In this webinar, Perry Carpenter, Chief Evangelist and Strategy Office at KnowBe4, helps you detangle the complicated web of politics around securing executive support for security awareness training.

    - Get actionable insights on:
    - Capturing executive attention
    - How to frame the story of your program’s value position
    - What to measure before you present your program
    - How to not drown your executives in data
    - Setting intentional and actionable goals for your program
  • Best Practices for Creating Order from Phish Reporting Chaos Recorded: Dec 11 2019 41 mins
    Greg Kras, Perry Carpenter
    When Greg Kras, KnowBe4’s Chief Product Officer, first rolled out our Phish Alert Button (your users can use it to report suspicious emails), he thought it would be a great way for you to stay up-to-date on actual phishing emails occurring in the wild. Well, he was right but there was also an “interesting side effect”.

    Phish reports grew from a couple hundred emails in the beginning to 10,000+ messages per day! Like you, KnowBe4’s team had to adapt our processes to deal with the influx of reports and create mechanisms to facilitate prioritization, enabling the team to take action.

    Join Greg and Perry Carpenter, KnowBe4 Chief Strategy Officer, as they explore the challenges and opportunities for creating order from your organization’s phish reporting chaos. Learn useful tips and best practices from in the trenches lessons learned to turning today’s “see something, say something” world into an asset rather than a liability.

    Listen to hear about:

    - How to maintain business continuity by returning “clean” messages as fast as possible
    Enriching email data and clustering into groups to expedite prioritization and follow up
    - How Artificial Intelligence and Machine Learning can help you spot real malicious emails even faster
    - How automating your email disposition process can save you so much time
Security Awareness Training
KnowBe4 is the world’s most popular integrated Security Awareness Training and Simulated Phishing platform. Realizing that the human element of security was being seriously neglected, KnowBe4 was created to help organizations manage the problem of social engineering, spear phishing, and ransomware attacks, through a comprehensive new-school awareness training approach. KnowBe4 trains employees to make smarter security decisions.

Embed in website or blog

Successfully added emails: 0
Remove all
  • Title: How to Prevent 81% of Phishing Attacks from Sailing into Your Inbox with DMARC
  • Live at: Oct 11 2019 4:05 pm
  • Presented by: Roger Grimes, Justin Ong
  • From:
Your email has been sent.
or close