Africa - You've Been Phished: The State of the Human Factor in Cybersecurity

Cyber-criminals have become thoughtful about ransomware attacks; taking time to maximize your organization’s potential damage and their payoff. Protecting your network from this growing threat is more important than ever. And nobody knows this more than Roger Grimes, Data-Driven Defense Evangelist at KnowBe4. 

With 30+ years experience as a computer security consultant, instructor, and award-winning author, Roger has dedicated his life to making sure you’re prepared to defend against quickly-evolving IT security threats like ransomware.

Join Roger and SecureWorld for this thought-provoking webinar to learn what you can do to prevent, detect, and mitigate ransomware.

In this session you’ll learn:

- How to detect ransomware programs, even those that are highly stealthy 
- Official recommendations from the Cybersecurity & Infrastructure Security Agency (CISA)
- The policies, technical controls, and education you need to stop ransomware in its tracks
- Why good backups (even offline backups) no longer save you from ransomware

You can learn how to identify and stop these attacks before they wreak havoc on your network.

Security professionals have worried about cyber warfare for decades. But the attack on Sony Pictures, the Solarwinds supply chain compromise, and now the latest Microsoft Exchange zero-day exploits show that nation-state attacks are having a much bigger impact than ever before.

Don’t let the big names fool you. Today, any organization is fair game, which means your organization could be next.

Join Roger Grimes, KnowBe4’s Data-Driven Defense Evangelist to find out how these attacks are evolving and why organizations like yours are their new target.

In this webinar you’ll learn:

- The history of nation-state attacks and how they’re changing
- Why these attacks now impact organizations of all sizes and industries
- How you can mitigate the threat of nation-state attacks
- Why it’s critical to empower your organization’s human firewall 

You did not sign up for this, but the digital cold war is here.

Corporate privacy concerns are more paramount right now than ever before. Organizations are being forced to maneuver a new world of security and privacy issues related to a remote workforce, evolving hardware/software needs, and employee access policies. Kevin Mitnick knows this world well. In fact, that's the topic of his book, The Art of Invisibility.

Join us for this exclusive webinar as Kevin Mitnick, KnowBe4's Chief Hacking Officer, and Perry Carpenter, KnowBe4's Chief Evangelist and Strategy Officer, enter into an eye-opening discussion of the expected and unexpected risks this workforce evolution brings.

They will discuss topics including:

- Privacy concerns around employees using personal devices for business purposes
- Security issues with various operating systems, mobile devices, and the Internet of Things
- The reality of "deep privacy" and how tied together devices, systems, and surveillance really are
- Shocking new demonstrations that will change the way you think about privacy
- Why new-school security awareness training is more critical than ever before

Your customer data, intellectual property, and financials are the lifeblood of your organization. If lost or leaked, there could be significant implications to the viability of your business. Maintaining control of that data, especially with third-party services, can be extremely challenging and requires that you ask the right questions and enforce stringent security policies.

In an environment of increased outsourcing, cloud computing adoption, and regulatory requirements, how do you manage vendor risk and ensure you have a consistent evaluation life cycle

Join James McQuiggan, KnowBe4's Security Awareness Advocate, to get actionable steps you can use now to better manage your third-party vendor risk. You'll learn:

- The importance of securing your organization's critical data
- How to determine Supplier Security Proficiency
- Why it’s important to understand the source of third-party products
- The impact Vendor Questionnaires have on your Security Posture
- How leveraging a GRC platform can ease the burden of risk assessments and audits

On March 2, Microsoft released emergency security updates to plug multiple zero-day security holes in Exchange Server versions 2013 through 2019 that hackers were actively using to siphon email and compromise environments.

Literally hundreds of thousands of organizations globally have been affected by this Exchange mass hack and now may be victims compromised by multiple cybercrime groups. Whether your organization is running Exchange itself or receives emails from organizations using Exchange servers, the risk has just skyrocketed.

Roger A. Grimes, KnowBe4’s Data-Driven Defense Evangelist has created a special security alert webinar to share critical insights about the Microsoft Exchange attack and what you can do about it.

Watch it now to learn:
- Details about the hack and and defense strategies
- What makes this so different from other mass attacks
- Why “trusted third-party phishing” makes your organization a target whether you run Exchange or not
- What you need to do now to protect your organization

Cybercriminals have added a devious weapon to their attack arsenals - malicious browser notifications. And the worst part is they’re not blocked by any current cyber defense. These innocuous looking pop ups can wreak havoc on your network while remaining completely undetected. They look more realistic than traditional phishing methods and are designed to trick your unsuspecting users. This is just the latest in a list of sneaky browser attacks the bad guys use to infiltrate your network.

Join Roger Grimes, KnowBe4’s Data-Driven Defense Evangelist to find out what you need to know now about malicious browser attacks and how to stop them.

Attend this session to learn:

- How legitimate websites are targeted to deliver these stealthy phishing attacks
- Why browser notification phishing attacks bypass your cyber defenses
- Other sneaky browser attacks the bad guys use to infiltrate your network
- How to shore up your defenses and to protect against them all

Taxes are unavoidable, and unfortunately, so are the annual tax-related phishing scams. This year, with the COVID-19 pandemic continuing to keep people working from home, cybercriminals have all they need to cause serious disruptions to your organization. From traditional Business Email Compromise (BEC) scams to W2 scams the bad guys are going to be very busy, but we can help you navigate these challenges and keep your organization secure.

Join us for this webinar with Erich Kron, Security Awareness Advocate at KnowBe4, to understand how these attacks work, why they are so effective and why the pandemic will make them even more potent than usual.

This webinar will discuss:

- The methodology behind BEC and tax scams
- The psychology behind the attacks and why they work
- How these attacks are carried out and why COVID-19 makes them scarier than ever
- Defensive strategies and the tricks you can use for making them most effective
- How to defend your organization by strengthening your human firewall

You know that compliance is an important requirement but can also be time-consuming and fraught with risk. Still, most organizations have not implemented the processes and tools necessary to manage the compliance process efficiently. The often-tedious processes related to compliance don’t have to be a burden or a risk. Your security and compliance can be aligned and made more efficient by reducing or eliminating redundant steps and using the right tools.

Join Erich Kron, Technical Evangelist at KnowBe4, to learn how you can streamline your processes to effectively demonstrate compliance and save so much time.

In this webinar we will discuss:

- Common challenges organizations face regarding compliance
- The dangerous impact non-compliance can have on your organization
- Differences between organizational and departmental compliance
- Find out how to streamline your audit processes, assign tasks, and organize evidence in a way that will save you tons of time.

Months of quarantine, transitioning to work from home, economic uncertainty, social and political turmoil… it’s easy to see why your employees are amped up, tense and distracted. And the bad guys are preying on those vulnerabilities more savagely than ever.

Join us for this exclusive webinar where Kevin Mitnick, KnowBe4’s Chief Hacking Officer and Perry Carpenter, KnowBe4’s Chief Evangelist and Strategy Officer dive deep into the strategies cybercriminals are using to raise the stakes.

In this webinar you’ll hear about:

- Router configurations that put WFH and hybrid home/office endpoints in danger
- New browser exploits that are making your employees more vulnerable
- Why you can’t trust your trusted senders (supply chain attacks)
- The ominous effects of several real-life ransomware attacks

Fake news and disinformation have become an unfortunate part of our everyday lives. And the bad guys are using it to influence you and affect your organization. To help you interpret the barrage of confusing and oftentimes conflicting information, we have turned to the experts including former CIA Analysts, Rosa Smothers and Cindy Otis.

Join Perry Carpenter, Chief Evangelist and Strategy Office at KnowBe4, along with Rosa, now KnowBe4’s SVP of Cyber Operations and Cindy, author of True or False: A CIA Analyst’s Guide to Identifying and Fighting Fake News, as they take on all things fake news.

In this webinar you'll learn:
- The different kinds of disinformation that bad actors use to trick you
- How nation states use fake news to infiltrate your organization
- Why disinformation is so dangerous
- How to spot and avoid disinformation campaigns
- Ways you can train your users to spot disinformation and keep your organization safe

In today's digital age we are surrounded by massive amounts of data every day. This makes it ridiculously easy to gather shockingly detailed information about anyone… even your organization. Bad actors use open source intelligence (OSINT) techniques to gather this inside knowledge and create attacks your users will click on. No one knows this better than former CIA Cyber Threat Analyst and Technical Intelligence Officer, Rosa Smothers. But she can show you how to use OSINT to turn the tables on the bad guys and regain the upper hand.

Join us as Rosa, now KnowBe4's SVP of Cyber Operations shares her insights on how to leverage OSINT to defend your organization and think like a hacker!

Rosa will show you:

- How to go beyond general OSINT techniques to gather the details you need for effective investigations
- Apps and analytic techniques that enhance your research and data interpretation
- Live demonstrations of OSINT gathering techniques you can use before the bad guys do
- How training your users to understand OSINT and their digital footprint can protect your organization from threat actors

Learn how to use hackers' best techniques against them!

Cyber-criminals have become thoughtful about ransomware attacks; taking time to maximize your organization’s potential damage and their payoff. Protecting your network from this growing threat is more important than ever. And nobody knows this more than Roger Grimes, Data-Driven Defense Evangelist at KnowBe4.

With 30+ years experience as a computer security consultant, instructor, and award-winning author, Roger has dedicated his life to making sure you’re prepared to defend against quickly-evolving IT security threats like ransomware.

Join Roger for this thought-provoking webinar to learn what you can do to prevent, detect, and mitigate ransomware.

In this session you’ll learn:

- How to detect ransomware programs, even those that are highly stealthy
- Official recommendations from the Cybersecurity & Infrastructure Security Agency (CISA)
- The policies, technical controls, and education you need to stop ransomware in its tracks
- Why good backups (even offline backups) no longer save you from ransomware

You can learn how to identify and stop these attacks before they wreak havoc on your network.

Spear phishing emails remain the most popular attack avenue for the bad guys, yet most companies still don’t have an effective strategy to stop them. This enormous security gap leaves you open to business email compromise, session hijacking, ransomware and more. Don’t get caught in a phishing net! Learn how to avoid having your end users take the bait.

This webinar, hosted by Roger Grimes, KnowBe4’s Data-Driven Defense Evangelist, covers a number of techniques you can implement now to minimize cybersecurity risk due to phishing and social engineering attacks. We didn't just cover one angle. We’ll came at it from all angles!

Join Roger as he dives deep to teach you how to develop a comprehensive, defense-in-depth plan, introduces technical controls all organizations should consider, covers the benefits of new-school security awareness training, and goes over the best practices for creating and implementing security policies, all while staying phish-free!

What really makes a “strong” password? And why are your end-users tortured with them in the first place? How do hackers crack your passwords with ease? And what can/should you do about your authentication methods?

For decades, end-users have borne the brunt of the password tyranny, a result of the IT industries’ inability to engineer secure systems. Password complexity, length, and rotation requirements are the bane of your end-user experience and literally the cause of thousands of data breaches. But it doesn't have to be that way!

Join Roger Grimes, KnowBe4's Data-Driven Defense Evangelist, to find out what your password policy should be and learn about the common mistakes organizations make when creating password policy.

In this webinar you'll learn:

- Why passwords are so easy to hack and how the bad guys do it
- How to craft a secure, risk-focused password security policy
- The truth about password managers and multi-factor authentication and how they impact your risk
- How to empower your end users to become your best last line of defense

David Tutwiler, Director of Information Technology, South Western Communications, knows first hand what it’s like to have a security incident interrupt his evening. That spoofed CEO email requesting gift cards can certainly mimic real life circumstances. And when real life and threats in the wild come together, your planned downtime can turn into a nightmare.

Throughout his many years as an IT Pro, David has learned that embracing security awareness training can help prevent those unsettling emergency calls. While he’s learned much of this on the job, one of his important recommendations is to learn from other IT pros’ experiences. And he’s here to share his insight with you.

In this session, David Tutwiler CISSP, and Erich Kron, KnowBe4’s Security Awareness Advocate share their perspectives about the human element of security. Together, they discuss:

- Reinforcing responsibility and good behavior with your end users
- Advice for gaining leadership buy-in and demonstrating ROI
- Tips for success when implementing your own security awareness strategy

That got us thinking… what if we whip out our magnifying glasses, pull out the trench coats and use our research skills to differentiate fact from fiction? Join us for this interactive webinar where we’ll help you decide how to invest your time and money wisely, how to implement worthwhile defenses, and what holes to plug so your organization gets the best bang for your security budget buck.

Join Roger Grimes, KnowBe4’s Data-Driven Defense Evangelist, and Erich Kron, KnowBe4’s Security Awareness Advocate, along with TruthInIT's David Littman as they uncover the truth behind these 5 top IT security myths. They state facts and sling stats!

- Good data backups will save you from ransomware
- Long passwords are safer than short passwords
- Running an obscure OS keeps your network safe
- Every organization needs antivirus and firewalls on endpoints
- End users can’t be trained; technology is your only defense

We all have come to understand that most of the successful breaches started with a phishing attack. Through use of technologies such as DMARC, DKIM, SPF, MFA, and a host of great vendor solutions we can get our arms around this threat. Technologically. But people are people and we love to click on stuff. Now, we must get our employees involved in the shared responsibility of security and awareness. So, people are the answer? This panel will discuss how we carefully blend People, Process, and Technology to strengthen the organization together.

Did you know that only ~20% of companies use DMARC, SPF, and DKIM, global anti-domain-spoofing standards, which could significantly cut down on phishing attacks? But even when they are enabled and your domain is more secure, 81% of phishing attacks still continue to sail right through to your end-user.

In this webinar, Roger Grimes, KnowBe4’s Data-Driven Defense Evangelist, will teach you how to enable DMARC, SPF, DKIM the right way! Then, you'll learn the six reasons why phishing still might get through to your inbox and what you can do to maximize your defenses.

What you’ll learn:

- How to enable DMARC, SPF, and DKIM
- Common configuration mistakes
- How to best configure DMARC and other defenses to fight phishing
- Techniques to empower your users to identify and avoid phishing attempts that make it through your surface-level defense

Watch our webinar now to learn how to do all this, and much more!

Everyone knows that multi-factor authentication (MFA) is more secure than a simple login name and password, but too many people think that MFA is a perfect, unhackable solution. It isn't!

Join Roger A. Grimes, KnowBe4's Data-Driven Defense Evangelist, a security expert with over 30-years experience, and David Littman of TruthInIT for this video webinar where they will explore 12 ways hackers can and do get around your favorite MFA solution.

The on-demand webinar includes a (pre-filmed) hacking demo by KnowBe4's Chief Hacking Officer Kevin Mitnick, and real-life successful examples of every attack type. It will end by telling you how to better defend your MFA solution so that you get maximum benefit and security.

You'll learn about the good and bad of MFA, and become a better computer security defender in the process, including:

- 12 ways hackers get around multi-factor authentication
- How to defend your multi-factor authentication solution
- The role humans play in a blended-defense strategy