Your Ultimate Guide to Phishing Mitigation

Cyber-criminals have become thoughtful about ransomware attacks; taking time to maximize your organization’s potential damage and their payoff. Protecting your network from this growing threat is more important than ever. And nobody knows this more than Roger Grimes, Data-Driven Defense Evangelist at KnowBe4.

With 30+ years experience as a computer security consultant, instructor, and award-winning author, Roger has dedicated his life to making sure you’re prepared to defend against quickly-evolving IT security threats like ransomware.

Join Roger for this thought-provoking webinar to learn what you can do to prevent, detect, and mitigate ransomware.

In this session you’ll learn:

- How to detect ransomware programs, even those that are highly stealthy
- Official recommendations from the Cybersecurity & Infrastructure Security Agency (CISA)
- The policies, technical controls, and education you need to stop ransomware in its tracks
- Why good backups (even offline backups) no longer save you from ransomware

You can learn how to identify and stop these attacks before they wreak havoc on your network.

Spear phishing emails remain the most popular attack avenue for the bad guys, yet most companies still don’t have an effective strategy to stop them. This enormous security gap leaves you open to business email compromise, session hijacking, ransomware and more. Don’t get caught in a phishing net! Learn how to avoid having your end users take the bait.

This webinar, hosted by Roger Grimes, KnowBe4’s Data-Driven Defense Evangelist, covers a number of techniques you can implement now to minimize cybersecurity risk due to phishing and social engineering attacks. We didn't just cover one angle. We’ll came at it from all angles!

Join Roger as he dives deep to teach you how to develop a comprehensive, defense-in-depth plan, introduces technical controls all organizations should consider, covers the benefits of new-school security awareness training, and goes over the best practices for creating and implementing security policies, all while staying phish-free!

What really makes a “strong” password? And why are your end-users tortured with them in the first place? How do hackers crack your passwords with ease? And what can/should you do about your authentication methods?

For decades, end-users have borne the brunt of the password tyranny, a result of the IT industries’ inability to engineer secure systems. Password complexity, length, and rotation requirements are the bane of your end-user experience and literally the cause of thousands of data breaches. But it doesn't have to be that way!

Join Roger Grimes, KnowBe4's Data-Driven Defense Evangelist, to find out what your password policy should be and learn about the common mistakes organizations make when creating password policy.

In this webinar you'll learn:

- Why passwords are so easy to hack and how the bad guys do it
- How to craft a secure, risk-focused password security policy
- The truth about password managers and multi-factor authentication and how they impact your risk
- How to empower your end users to become your best last line of defense

Your customer data, intellectual property, and financials are the lifeblood of your organization. If lost or leaked, there could be significant implications to the viability of your business. Maintaining control of that data, especially with third-party services, can be extremely challenging and requires that you ask the right questions and enforce stringent security policies.

In an environment of increased outsourcing, cloud computing adoption, and regulatory requirements, how do you manage vendor risk and ensure you have a consistent evaluation life cycle

Join James McQuiggan, KnowBe4's Security Awareness Advocate, to get actionable steps you can use now to better manage your third-party vendor risk. You'll learn:

- The importance of securing your organization's critical data
- How to determine Supplier Security Proficiency
- Why it’s important to understand the source of third-party products
- The impact Vendor Questionnaires have on your Security Posture
- How leveraging a GRC platform can ease the burden of risk assessments and audits

David Tutwiler, Director of Information Technology, South Western Communications, knows first hand what it’s like to have a security incident interrupt his evening. That spoofed CEO email requesting gift cards can certainly mimic real life circumstances. And when real life and threats in the wild come together, your planned downtime can turn into a nightmare.

Throughout his many years as an IT Pro, David has learned that embracing security awareness training can help prevent those unsettling emergency calls. While he’s learned much of this on the job, one of his important recommendations is to learn from other IT pros’ experiences. And he’s here to share his insight with you.

In this session, David Tutwiler CISSP, and Erich Kron, KnowBe4’s Security Awareness Advocate share their perspectives about the human element of security. Together, they discuss:

- Reinforcing responsibility and good behavior with your end users
- Advice for gaining leadership buy-in and demonstrating ROI
- Tips for success when implementing your own security awareness strategy

That got us thinking… what if we whip out our magnifying glasses, pull out the trench coats and use our research skills to differentiate fact from fiction? Join us for this interactive webinar where we’ll help you decide how to invest your time and money wisely, how to implement worthwhile defenses, and what holes to plug so your organization gets the best bang for your security budget buck.

Join Roger Grimes, KnowBe4’s Data-Driven Defense Evangelist, and Erich Kron, KnowBe4’s Security Awareness Advocate, along with TruthInIT's David Littman as they uncover the truth behind these 5 top IT security myths. They state facts and sling stats!

- Good data backups will save you from ransomware
- Long passwords are safer than short passwords
- Running an obscure OS keeps your network safe
- Every organization needs antivirus and firewalls on endpoints
- End users can’t be trained; technology is your only defense

We all have come to understand that most of the successful breaches started with a phishing attack. Through use of technologies such as DMARC, DKIM, SPF, MFA, and a host of great vendor solutions we can get our arms around this threat. Technologically. But people are people and we love to click on stuff. Now, we must get our employees involved in the shared responsibility of security and awareness. So, people are the answer? This panel will discuss how we carefully blend People, Process, and Technology to strengthen the organization together.

Did you know that only ~20% of companies use DMARC, SPF, and DKIM, global anti-domain-spoofing standards, which could significantly cut down on phishing attacks? But even when they are enabled and your domain is more secure, 81% of phishing attacks still continue to sail right through to your end-user.

In this webinar, Roger Grimes, KnowBe4’s Data-Driven Defense Evangelist, will teach you how to enable DMARC, SPF, DKIM the right way! Then, you'll learn the six reasons why phishing still might get through to your inbox and what you can do to maximize your defenses.

What you’ll learn:

- How to enable DMARC, SPF, and DKIM
- Common configuration mistakes
- How to best configure DMARC and other defenses to fight phishing
- Techniques to empower your users to identify and avoid phishing attempts that make it through your surface-level defense

Watch our webinar now to learn how to do all this, and much more!

Everyone knows that multi-factor authentication (MFA) is more secure than a simple login name and password, but too many people think that MFA is a perfect, unhackable solution. It isn't!

Join Roger A. Grimes, KnowBe4's Data-Driven Defense Evangelist, a security expert with over 30-years experience, and David Littman of TruthInIT for this video webinar where they will explore 12 ways hackers can and do get around your favorite MFA solution.

The on-demand webinar includes a (pre-filmed) hacking demo by KnowBe4's Chief Hacking Officer Kevin Mitnick, and real-life successful examples of every attack type. It will end by telling you how to better defend your MFA solution so that you get maximum benefit and security.

You'll learn about the good and bad of MFA, and become a better computer security defender in the process, including:

- 12 ways hackers get around multi-factor authentication
- How to defend your multi-factor authentication solution
- The role humans play in a blended-defense strategy

The password has been around a LONG time. It’ll probably always live on in some form. For InfoSec professionals it is a source of contention. Companies already have enough to worry about with the day in and day out business. Getting hacked because your employees utilize weak passwords isn’t part of the plan.

In this session we are going to have a candid discussion with Roger Grimes, Data-Driven Defense Evangelist at KnowBe4, on:

- What challenges lay beyond weak passwords
- Unpack browser password hacking
- Breached passwords (think PasteBin)
- Multi-Factor Authentication

And a few others that will likely surprise you!

Whether you're creating a new product, going through a merger & acquisitions, or significantly changing a process in your organization, new processing activities can present high risk to your organization. As we can see from Marriott’s acquisition of Starwood, not undergoing a full security and privacy assessment can present huge problems for your organization and now Marriott faces a $123.6 million dollar fine due to lack of due diligence.

One way to reduce risks and identify security/privacy risk is to conduct a data protection impact assessment. Not only will this assessment help you reduce business risk, but it also helps identify new processes in your organization to maintain compliance with GDPR, LGPD, CCPA and other global privacy laws.

Join Lecio DePaula Jr., KnowBe4’s Data Privacy Director, for this webinar to hear about creating a robust data protection impact assessment to analyze new processes, workflows, and products to identify problems before they happen.

In this webinar you’ll learn:

- Best practices for conducting a robust DPIA
- The privacy and security risks of M&A, creating new software products, other initiatives
- How conducting a DPIA aligns with global privacy requirements
- Common DPIA mistakes and how to avoid them
- Tools that help manage and streamline your DPIA process

There is a reason more than half of today’s ransomware victims end up paying the ransom. Cyber-criminals have become thoughtful; taking time to maximize your organization’s potential damage and their payoff. After achieving root access, the bad guys explore your network reading email, finding data troves and once they know you, they craft a plan to cause the most panic, pain, and operational disruption. Ransomware has gone nuclear.

Join Roger Grimes, KnowBe4’s Data-Driven Defense Evangelist, and TruthInIT's David Littman as they dive into:

- Why data backups (even offline backups) won’t save you
- Evolved threats from data-theft, credential leaks, and corporate impersonation
- Why ransomware isn’t your real problem
- How your end users can become your best, last line of
defense

The scary fact is that human error is a contributing factor in more than 90% of breaches. With so many technical controls in place hackers are still getting through to your end users, making them your last line of defense. How are they so easily manipulated into giving the bad guys what they want? Well, hackers are crafty. And the best way to beat them is to understand the way they work.

In this webinar, Roger Grimes, KnowBe4’s Data-Driven Defense Evangelist, will take you through the “Cyber Kill Chain” in detail to show you how a single email slip up can lead to the total takeover of your network.

Roger will show you:
- How detailed data is harvested using public databases and surprising techniques
- Tricks used to craft a compelling social engineering attack that your users WILL click
- Cunning ways hackers deliver malicious code to take control of an endpoint
- Taking over your domain controller and subsequently your entire network

But not all hope is lost. Roger will also share actionable strategies you can put in place now to greatly reduce your risk. Find out how to protect your organization before it's too late.

Corporate privacy concerns are more paramount right now than ever before. Organizations are being forced to maneuver a new world of security and privacy issues related to a remote workforce, evolving hardware/software needs, and employee access policies. Kevin Mitnick knows this world well. In fact, that's the topic of his book, The Art of Invisibility.

Join us for this exclusive webinar as Kevin Mitnick, KnowBe4's Chief Hacking Officer, and Perry Carpenter, KnowBe4's Chief Evangelist and Strategy Officer, enter into an eye-opening discussion of the expected and unexpected risks this workforce evolution brings.

They will discuss topics including:

- Privacy concerns around employees using personal devices for business purposes
- Security issues with various operating systems, mobile devices, and the Internet of Things
- The reality of "deep privacy" and how tied together devices, systems, and surveillance really are
- Shocking new demonstrations that will change the way you think about privacy
- Why new-school security awareness training is more critical than ever before

There’s no shortage of frightening ransomware statistics and news reports to scare the pants off of you, but what is in short supply is practical advice from experts on exactly what you need to know to prevent ransomware BEFORE it affects your network.

This is your chance to get your ransomware questions answered so that you can PREVENT ransomware from compromising your organization in 2021. Join us for this webinar with security author, speaker, and expert - Roger Grimes, Security Awareness Advocate at KnowBe4 - who answers attendees burning questions!

Facts are facts, but what happens when IT security pros take myths at face value?

That got us thinking… what if we whip out our magnifying glasses, pull out the trench coats and use our research skills to differentiate fact from fiction? Join us for this interactive webinar where we’ll help you decide how to invest your time and money wisely, how to implement worthwhile defenses, and what holes to plug so your organization gets the best bang for your security budget buck.

Join Roger Grimes, KnowBe4’s Data-Driven Defense Evangelist, and Erich Kron, KnowBe4’s Security Awareness Advocate, as they uncover the truth behind these 5 top IT security myths. They state facts and sling stats!

- Good data backups will save you from ransomware
- Long passwords are safer than short passwords
- Running an obscure OS keeps your network safe
- Every organization needs antivirus and firewalls on endpoints
- End users can’t be trained; technology is your only defense

There is a reason more than half of today’s ransomware victims end up paying the ransom. Cyber-criminals have become thoughtful; taking time to maximize your organization’s potential damage and their payoff.

After achieving root access, the bad guys explore your network reading email, finding data troves and once they know you, they craft a plan to cause the most panic, pain, and operational disruption. Ransomware has gone nuclear.

Join us for this webinar where, Roger Grimes, KnowBe4’s Data-Driven Defense Evangelist, dives into:

- Why data backups (even offline backups) won’t save you
- Evolved threats from data-theft, credential leaks, and corporate impersonation
- Why ransomware isn’t your real problem
- How your end users can become your best, last line of defense

Months of quarantine, transitioning to work from home, economic uncertainty, social and political turmoil… it’s easy to see why your employees are amped up, tense and distracted. And the bad guys are preying on those vulnerabilities more savagely than ever.

Join us for this exclusive webinar where Kevin Mitnick, KnowBe4’s Chief Hacking Officer and Perry Carpenter, KnowBe4’s Chief Evangelist and Strategy Officer dive deep into the strategies cybercriminals are using to raise the stakes.

In this webinar you’ll hear about:

- Router configurations that put WFH and hybrid home/office endpoints in danger
- New browser exploits that are making your employees more vulnerable
- Why you can’t trust your trusted senders (supply chain attacks)
- The ominous effects of several real-life ransomware attacks

Fake news and disinformation have become an unfortunate part of our everyday lives. And the bad guys are using it to influence you and affect your organization. To help you interpret the barrage of confusing and oftentimes conflicting information, we have turned to the experts including former CIA Analysts, Rosa Smothers and Cindy Otis.

Join Perry Carpenter, Chief Evangelist and Strategy Office at KnowBe4, along with Rosa, now KnowBe4’s SVP of Cyber Operations and Cindy, author of True or False: A CIA Analyst’s Guide to Identifying and Fighting Fake News, as they take on all things fake news.

In this webinar you'll learn:
- The different kinds of disinformation that bad actors use to trick you
- How nation states use fake news to infiltrate your organization
- Why disinformation is so dangerous
- How to spot and avoid disinformation campaigns
- Ways you can train your users to spot disinformation and keep your organization safe