Name: Your Ultimate Guide to Phishing Mitigation
Start: 2020-11-12T22:40:00Z
End: 2020-11-12T23:41:48.000Z
Location: BrightTALK
Rating: 4.75

KnowBe4 is the world’s most popular integrated Security Awareness Training and Simulated Phishing platform. Realizing that the human element of security was being seriously neglected, KnowBe4 was created to help organizations manage the problem of social engineering, spear phishing, and ransomware attacks, through a comprehensive new-school awareness training approach. KnowBe4 trains employees to make smarter security decisions.

No matter how much security technology we purchase, we still face a fundamental
security problem: people. This webinar will explore the different levers that social
engineers and scam artists pull to make us more likely to do their bidding.

Join Jacqueline Jayne (JJ), KnowBe4's Security Awareness Advocate as she shares
her insights and examples of mental manipulation in everyday life: from the tactics used
by tricky advertisers to sophisticated social engineering and online scams. Additionally,
we’ll look at how to ethically use the very same levers when educating your users.

Key Takeaways
- The Perception Vs. Reality Dilemma
- Understanding the OODA (Observe, Orient, Decide, Act) Loop
- How social engineers and scam artists achieve their goals by subverting - -
OODA Loop's different components
- How we can defend ourselves and our organizations

Levers of Human Deception: The Science and Methodology Behind Social Engineering

Cyber crime has become an arms race where the bad guys constantly evolve their attacks while you, the vigilant defender, must diligently expand your know how to prevent intrusions into your network. Staying a step ahead may even involve becoming your own cyber crime investigator, forensically examining actual phishing emails to determine the who, the where, and the how.

In this webinar, Roger Grimes, KnowBe4’s Data-Driven Defense Evangelist, shows you how to become a digital private investigator! You’ll learn:

- How to forensically examine phishing emails and identify other types of social engineering
- What forensic tools and techniques you can use right now
- How to investigate rogue smishing, vishing, and social media phishes
- How to enable your users to spot suspicious emails sent to your organization 

Get inside the mind of the hacker, learn their techniques, and how to spot phishing attempts before it’s too late!

Cyber CSI: Forensically Examine Phishing Emails to Protect Your Organization

What really makes a “strong” password? And why are your end-users tortured with them in the first place? How do hackers crack your passwords with ease? And what can/should you do about your authentication methods?

For decades, end-users have borne the brunt of the password tyranny, a result of the IT industries’ inability to engineer secure systems. Password complexity, length, and rotation requirements are the bane of your end-user experience and literally the cause of thousands of data breaches. But it doesn't have to be that way!

Join Roger Grimes, KnowBe4's Data-Driven Defense Evangelist, and David Littman from Truth In IT to find out what your password policy should be and learn about the common mistakes organizations make when creating password policy.

In this webinar you'll learn:
- Why passwords are so easy to hack and how the bad guys do it
- How to craft a secure, risk-focused password security policy
- The truth about password managers and multi-factor authentication and how they impact your risk
- How to empower your end users to become your best last line of defense

The Pesky Password Problem: Policies That Help You Gain the Upper Hand

A growing number of organizations worldwide are utilizing cryptocurrency for a host of investment, operational, and transactional purposes. Seemingly overnight, technologies like non-fungible tokens (NFTs) emerged and just as quickly, cybercriminals learned how to capitalize on organizations’ naivete for their own benefit. 
 
Are you still not sure about the ins and outs of NFTs and cryptocurrencies? Should your organization even care? The answer is YES, and we are here to help you make sense of it all. Join Roger A. Grimes, KnowBe4's Data-Driven Defense Evangelist, as he shares what you need to know to defend yourself in this new age of Web 3.0. 
 
Roger will cover:
- The business impact of NFTs and cryptocurrencies: What are they and why should you care
- The various and increasingly popular attacks against NFT and cryptocurrencies
- How you can best defend yourself and your organization from becoming the victim of an attack
- The projected future of NFTs and cryptocurrencies
 
Stay up-to-date on the latest technologies and their hidden threats!

Understanding the Threat of NFT and Cryptocurrency Cyber Attacks

The average compliance document is dozens to hundreds of pages long and includes numerous controls. And you’re expected to meet all those controls to regulatory satisfaction. The problem with that is most organizations are forced to do “checklist security” with very little consideration given to actually improving their security stance.

Your mission, should you choose to accept it (i.e. Mission Possible), is to determine how to turn compliance into meaningful risk reduction. And luckily, Roger Grimes, KnowBe4’s Data-Driven Defense Evangelist, 30-year security veteran, and former auditor is here to help!

Roger will help you develop a plan to prioritize these controls so you turn compliance requirements into tangible security improvements.

In this session you will learn:
- Why compliance and security goals conflict rather than compliment
- How to ensure compliance improves your security posture
- How to create a data-driven compliance management plan

Gain the insight you need to turn compliance into a security asset.

Mission Possible: Turning Compliance Into Tangible Security

Organizations like yours are repeatedly attacked with phishing campaigns - no one is safe from them. But what needs to happen when one of your end users clicks a link or opens an attachment in a social engineering phishing email? You need to know how to quickly and effectively react to the attack and measure the overall risk.

In this on-demand webinar James McQuiggan, KnowBe4’s Technical Evangelist, shows you how your organization can quickly and effectively react to a phishing attack, mitigate the impact, and reduce your organizational risk in the future.

You’ll learn the 5 things to do when your organization becomes the victim of a phishing attack:
 
1. Incident Response criteria for single or mass phishing infections
2. Keys measures for your recovery process
3. Tools that can help with your recovery process
4. How threat intelligence can help you prevent future attacks
5. The importance of training your users to report phishing red flags and avoid future incidents

5 Things To Do When Your Organization Becomes the Victim of a Phishing Attack

Cybercriminals have added a devious weapon to their attack arsenals - malicious browser notifications. And the worst part is they’re not blocked by any current cyber defense. These innocuous looking pop ups can wreak havoc on your network while remaining completely undetected. They look more realistic than traditional phishing methods and are designed to trick your unsuspecting users. This is just the latest in a list of sneaky browser attacks the bad guys use to infiltrate your network.

Join Roger Grimes, KnowBe4’s Data-Driven Defense Evangelist and Tom Bechtold from SecureWorld to find out what you need to know now about malicious browser attacks and how to stop them.

Watch this session to learn:
- How legitimate websites are targeted to deliver these stealthy phishing attacks
- Why browser notification phishing attacks bypass your cyber defenses
- Other sneaky browser attacks the bad guys use to infiltrate your network
- How to shore up your defenses and to protect against them all

Malicious Browser Notifications: Attacks Not Blocked by Your Cyber Defense

Tell people not to click a link, pat each other on the back, and ride off into the sunset. If only security awareness training was that simple in Europe.

In this session, Javvad Malik, Lead Security Awareness Advocate for KnowBe4, will explain how to take your security awareness to the next level and prevent it from going stale. Changing behaviours and creating a culture of security can only be achieved by adopting the right mindset and techniques.

In this session you will learn:

- Why you need to brand the security department the right way
- The psychological approach to getting your message across
- Practical advice on building a strong security culture

It's More Than Phishing; How to Supercharge Your Security Awareness Training

Multi-Factor Authentication (MFA) can be a highly effective way to safeguard your organization’s data, but that doesn’t mean it’s unhackable. And nobody knows that better than award-winning author and Data-Driven Defense Evangelist at KnowBe4, Roger Grimes. While researching his most recent book Hacking Multifactor Authentication, Roger tested over 150 MFA solutions. And he wants to share what he learned with you!

Join Roger as he discusses the good, the bad, and the ugly lessons he learned from his research. He’ll share with you what works, what doesn’t, and what you should absolutely avoid.

In this webinar you’ll learn about:

- Differences between various MFA tools and why they matter
- Real-world hacking techniques Roger used to expose MFA weaknesses
- What makes MFA software weak or strong and what that means to you
- Tips on choosing the best MFA software for your company
- Why a strong human firewall is your best last line of defense

Get the details you need to know to become a better IT security defender.

Hacking Multifactor Authentication: Lessons Learned After Testing 150 Products

It feels like we hear about a new devastating cyberattack in the news every day. And attack methods seem to be proliferating at an exponential rate. So, which tactics should you be aware of beyond standard “click and infect” attack vectors?

Join Roger A. Grimes, KnowBe4's Data-Driven Defense Evangelist and popular cybersecurity author for this eye-opening webinar. Roger shares his take on several significant, advanced, and yes, crazy cyberattacks he’s seen in the wild. Plus, he’ll share defensive strategies you’ll want to implement to prevent them from affecting your network.

You’ll see examples of 10 amazing hacks showing how:

- Your users’ passwords can be cracked in mere minutes
- Cybercriminals easily bypass multi-factor authentication
- Automated malware can devastate your network
- Hackers can completely take over your network with a few simple steps
- And more!

Find out what you can do to mitigate these advanced hacking techniques instead of becoming the next unknowing victim.

10 of the Craziest Cyberattacks Seen In the Wild and How You Can Avoid Them

No matter how much security technology we purchase, we still face a fundamental security problem: people. This webinar will explore the different levers that social engineers and scam artists pull to make us more likely to do their bidding.

Join Erich Kron, Security Awareness Advocate for KnowBe4, provides fun and engaging examples of mental manipulation in everyday life: from the tactics used by oily car dealers, to sophisticated social engineering and online scams. Additionally, we’ll look at how to ethically use the very same levers when educating our users.

Key Takeaways:
- The Perception Vs. Reality Dilemma
- Understanding the OODA (Observe, Orient, Decide, Act) Loop
- How social engineers and scam artists achieve their goals by subverting OODA Loop's different components
- How we can defend ourselves and our organizations

As organizations have increased their scope of vendors and partners, they have also increased their digital risk surface and are facing new challenges regarding vendor risk management. By taking a data-driven approach to identifying, understanding, and acting on risk, you can efficiently eliminate your organization's most critical third-party security gaps.

Join Roger Grimes, KnowBe4's Data-Driven Defense Evangelist and 30-year security veteran, and former auditor who has passed the CPA and CISA exams. Roger will show you how to leverage your organizations’ data to significantly improve your third-party risk management program. 

Roger will show you:

- The evolution of vendor risk management
- Differences between traditional risk management and "real" risk management, and why it matters
- How to create a data-driven risk management plan using best practices

Learn how you can close your organization's most critical third-party security gaps by taking a data-driven approach to identifying, understanding, and acting on risk.

A Data-Driven Approach for Your Third-Party Risk Management Processes

Cybercriminals have become thoughtful about ransomware attacks; taking time to maximize your organization’s potential damage and their payoff. And few organizations are prepared to address this growing threat. How can you make sure you aren’t caught off guard when, not if, ransomware gangs put your organization in their sights?

Join us for this thought provoking webinar with Roger Grimes, KnowBe4’s Data-Driven Defense Evangelist and Tom Bechtold from SecureWorld. Roger will teach you what you can do now to help prevent, detect, and mitigate ransomware threats.

In this session you’ll learn:
- What are the root causes of ransomware?
- Who really are the ransomware gangs?
- Is it even legal to pay the ransom?
- How can you best prevent your data from being exfiltrated?
- What can you expect from cyber insurance coverage?

Get the information you need to know now before it’s too late! Watch the Webinar Now!

5 Things You Need To Know About Ransomware Before It's Too Late

DMARC, SPF, and DKIM are global anti-domain-spoofing standards, which can significantly cut down on phishing attacks. Implemented correctly they allow you to monitor email traffic, quarantine suspicious emails, and reject unauthorized emails. But less than 30% of organizations are actually using them. And even fewer are using them correctly.

In this webinar, Roger Grimes, KnowBe4’s Data-Driven Defense Evangelist, will teach you how to enable DMARC, SPF, DKIM the right way. You’ll also discover six reasons why phishing still might get through to your inbox and what you can do to maximize your defenses.

You’ll learn:
- How to enable DMARC, SPF, and DKIM
- How to best configure DMARC and other defenses to prevent phishing attacks
- What common configuration mistakes organizations make
- Why a strong human firewall is your best last line of defense

Get the details you need to know now to protect your organization from phishing and social engineering attacks.

Implement DMARC the Right Way to Keep Phishing Attacks Out of Your Inbox

The scary fact is that the majority of data breaches are caused by human error. With so many technical controls in place hackers are still getting through to your end users. How are they so easily manipulated into giving the cybercriminals what they want? Well, hackers are crafty. And the best way to beat them is to understand the way they work.

In this webinar Roger Grimes, KnowBe4’s Data-Driven Defense Evangelist, will take you through the "Cyber Kill Chain" in detail to show you how a single email slip up can lead to the total takeover of your network.

Roger will show you:
- How detailed data is harvested using public databases and surprising techniques
- Tricks used to craft a compelling social engineering attack that your users WILL click
- Cunning ways hackers deliver malicious code to take control of an endpoint
- Taking over your domain controller and subsequently your entire network

But not all hope is lost. Roger will also share actionable strategies you can put in place now to greatly reduce your risk. Find out how to protect your organization before it's too late!

Hacking Your Organization: 7 Steps Cybercriminals Use to Control Your Network

Ransomware attacks are on the rise — and they’re estimated to cost global organizations billions of dollars in damages and downtime. As ransomware attacks become more targeted and damaging, your organization faces increased risk that can have your networks down for days or even weeks.

So, how can your organization avoid getting held hostage? Join us and Erich Kron CISSP, Security Awareness Advocate at KnowBe4 we look at scary features of new ransomware strains, give actionable info that you need to prevent infections, and provide tips on what to do when you are hit with ransomware.

In this webcast we will cover:
- What new scary ransomware strains are in the wild
- Am I infected?
- I’m infected, now what?
- Proven methods of protecting your organization
- How to create a “human firewall”

Don’t get held hostage and become a statistic! Join us to learn how to avoid these scary attacks.

Your Ransomware Hostage Rescue Guide

Organizations like yours use regulatory guides and compliance frameworks as the foundation of their list of controls. You can easily have many hundreds to thousands of controls to create and manage.  

Unfortunately, many organizations are skewed unknowingly toward pure compliance activities and not most efficiently accomplishing real risk reduction.

Join Roger Grimes, KnowBe4's Data-Driven Defense Evangelist, 30-year security veteran, and former auditor who has passed the CPA and CISA exams for this informative webinar. Roger will explore how compliance and security differ and how you can both be compliant and efficiently reduce your organization’s most important risks.

Key elements he’ll discuss:

- How to accurately determine your organization’s risk factors
- Why you should focus on the root causes of exploitation
- Linking your risk-ranked mitigations to the threats they offset
- Implementing the new risk rankings in your GRC solution

Luckily, with just a few modifications in your current process, you can use your risk management process to get both compliance and efficient real-world security.

Strategies to Achieve Compliance and Real Risk Reduction at the Same Time

Skyrocketing attack rates, double and triple extortion, increasing ransom demands… cybercriminals are inflicting pain in every way imaginable when it comes to today’s ransomware attacks. And you need to be prepared to protect your network, NOW.

Find out the steps you need to take to minimize damage to your network and your organisation when a ransomware attack strikes.

In this on-demand webinar Roger A. Grimes, KnowBe4's Data-Driven Defense Evangelist and security expert with over 30-years of experience, will take you step-by-step through best practises for preventing ransomware attacks and a post-attack response plan. 

You’ll learn:
- Critical first steps to take when you think you’ve been hit with ransomware
- Tips for protecting your data and your network from further infiltration
- How to determine whether network credentials or data have been compromised
- Step-by-step actions to guide your response, recovery and mitigation 

Don’t let cybercriminals run rampant within your network. Find out how to protect yourself before it’s too late!

Ransomware Hostage Rescue Checklist: Preventing & Surviving a Ransomware Attack

Spear phishing emails remain the most popular attack avenue for the bad guys, yet most companies still don’t have an effective strategy to stop them. This enormous security gap leaves you open to business email compromise, session hijacking, ransomware and more. Don’t get caught in a phishing net! Learn how to avoid having your end users take the bait.

This webinar, hosted by Roger Grimes, KnowBe4’s Data-Driven Defense Evangelist, covers a number of techniques you can implement now to minimize cybersecurity risk due to phishing and social engineering attacks. We didn't just cover one angle. We’ll came at it from all angles!

Join Roger as he dives deep to teach you how to develop a comprehensive, defense-in-depth plan, introduces technical controls all organizations should consider, covers the benefits of new-school security awareness training, and goes over the best practices for creating and implementing security policies, all while staying phish-free!

Your Ultimate Guide to Phishing Mitigation

Phishing

Social Engineering

Security Awareness

Email Security

Cyber Security

Cyber Defence

Network Security

IT Security

Information Security

Cyber Crime

The IT security community on BrightTALK is composed of more than 200,000 IT security professionals trading relevant information on software assurance, network security and mobile security. Join the conversation by watching on-demand and live information security webinars and asking questions of experts and industry leaders.

Increasing expectations for good governance, effective risk management and complex demands for corporate compliance are presenting a growing challenge for organizations of all sizes. Join industry thought leaders as they provide you with practical advice on how to implement successful risk and compliance management strategies across your organization. Browse risk management resources in the form of interactive webinars and videos and ask questions of expert GRC professionals.

IT Governance, Risk and Compliance

The unexpected nature of natural disasters and other disruptive events means that preparation is key to managing disaster recovery and business continuity planning. Join the business continuity and disaster recovery community for live and recorded presentations discussing best practices for business continuity planning, disaster recovery programs and business continuity management. Learn from BCDR experts to develop your critical infrastructure and gain insight into tactical solutions to your BCDR issues.

Business Continuity / Disaster Recovery

As an IT professional, many of the problems you face are multifaceted, complex and don’t lend themselves to simple solutions. The information technology community features useful and free information technology resources. Join to browse thousands of videos and webinars on ITIL best practices, IT security strategy and more presented by leading CTOs, CIOs and other technology experts.

Information Technology

Thousands of healthcare IT professionals compose the health IT community on BrightTALK. Learn alongside them with relevant webinars on healthcare IT compliance, big data in healthcare and IT solutions for healthcare organizations. Join the conversation by asking questions and engaging with other participants during live webinars and organized discussions.

Health IT

The research and development community on BrightTALK brings together leading professionals in healthcare, technology and manufacturing to present on current topics in their fields. From big data in healthcare to online forensics training and medical research practices, the community is an exceptional resource for those looking to expand their knowledge. Be part of the conversation by joining the community and participating in interactive live webinars.

Your Ultimate Guide to Phishing Mitigation

Presented by

About this talk

More from this channel