Name: Countering Cyber Deception to Mitigate Risk
Start: 2023-01-17T12:00:00Z
End: 2023-01-17T12:00:30.000Z
Location: BrightTALK
Rating: 0

Since 2003, Mimecast has stopped bad things from happening to good organizations by enabling them to work protected. We empower more than 40,000 customers to help mitigate risk and manage complexities across a threat landscape driven by malicious cyberattacks, human error, and technology fallibility. Our advanced solutions provide the proactive threat detection, brand protection, awareness training, and data retention capabilities that evolving workplaces need today. Mimecast solutions are designed to transform email and collaboration security into the eyes and ears of organizations worldwide.

A brand impersonation attack typically involves an email that seems to come from a trusted source, such as a colleague or a familiar organization. These attacks dupe end users into providing sensitive information and/or clicking on links that download malicious content. And, when an organization’s own brand is used in an attack, brand impersonation chips away (or, in some cases, destroys) customers’ trust. Learn what you can do to protect your brand online

Coffee Chats: Protect your Brand - Impersonation

For the season finale of our Threat Intelligence EMEA series, Mimecast’s panel of leading cybersecurity experts bring you a comprehensive round-up of this year's threat landscape. 

Want to be part of the conversation in Season 3? Register here to get access to deeper insights, data-driven knowledge and real-time engagement! https://info.mimecast.com/Threat-Intel-S3-Episode1-Registration.html

Mimecast’s Threat Intelligence EMEA series is an interactive monthly webinar that delivers cutting-edge Threat Intelligence directly from the source, and is dedicated to empowering you and your organization to better understand the landscape, learnings from the field, and evolve your security strategy.

Threat Intelligence EMEA: The Ultimate Cybersecurity Threat Landscape Round-Up

With work from anywhere the new norm, organizations now have to protect a more distributed set of assets. Mesh Architecture moves away from a centralized “perimeter approach”. It is centered around identities of humans and machines on the network, creating smaller, individual perimeters around each access point.

Coffee Chats: MESH - Power of Integration

In this episode of Phishy Business, we discuss the very definition of ransomware and how it can be an overused and underdefined concept. We also take a closer look at the world of threat research.
Our special guest is former professional hacker Charl van der Walt, Head of Security Research at Orange CyberDefense, who now spends his time asking and answering the important questions around cybersecurity, specifically those that pertain to ransomware.
Charl believes we need to move beyond the term ransomware and look more at the concept of cyber extortion because the days of one-off ransomware attacks have given way to a massive, highly profitable, well-organized cyber-crime industry. Charl is working to ensure cybersecurity professionals look at ransomware more in terms as being part of a series of crimes in which security is breached and then something of value is taken and held for ransom. This is because ransom attacks are moving beyond just denial of access to data and are more frequently including confidential data exposure and denial of service in some form. 
In ‘Cyber Extortion – The Next Evolution of Ransomware’, we discuss:
• Redefining the term “ransomware” as “cyber extortion”.
• Why cyber extortion is now a much more appropriate term for security professionals to use.
• The main categories of threats in cybersecurity.
• The trends in ransomware over the past few years that have led to its transformation.
• How to effectively communicate about ransomware to a non-technical audience.
• The work communities can do to prevent ransomware attacks, known as ecosystem-based security.

Phishy Business – The Next Evolution of Ransomware

Anyone involved in email security today is likely familiar with the DMARC standard and its role in helping to secure email from threats like spam, phishing and email spoofing. But what is DMARC exactly, and how does it add another layer of security to business email systems? Learn everything you need to know about DMARC in this webinar.

Coffee Chats: Protect your Brand - Why DMARC

As cyber security professionals, staying ahead of the threat intelligence curve is pivotal to mitigating risk, but is all threat intelligence equal? Joined by acclaimed leader in security, cloud technology, privacy, and risk management, Stephen Owen, Mimecast’s panel of leading cybersecurity experts discusses the latest trends and take-aways to secure your competitive edge. 

Mimecast’s EMEA Threat Intelligence Series is an interactive monthly webinar that analyses trends and threats at the forefront of the industry, unpacking real-world activity impacting local and international organisations.

EMEA Threat Intelligence: Is all Threat Intelligence Equal?

In this episode of Phishy Business, we take a look at how cybersecurity awareness training needs to go beyond just having users sit through training, but in fact, has to work to change user behavior. Listen in to learn more about the importance of cybersecurity awareness training at organizations of all sizes across the globe and how, with today’s diverse and threatening security landscape, cybersecurity is the responsibility of everyone in the organization, not just security professionals. Our special guests are Ira Winkler, award-winning CISO and best-selling author of Security Awareness for Dummies, and our own cybersecurity training expert Duane Nicol, Senior Product Manager – Awareness Training at Mimecast. Ira works to help organizations become more resilient against cyberattack and Duane works to make people feel more involved and included as part of the cybersecurity awareness culture at an organization, driving measurable results.

In ‘Beyond Awareness Training: How to Improve User Behavior’, we discuss:
• How cybersecurity awareness is part of everyone’s job responsibility.
• Why the outcome of cybersecurity awareness training shouldn’t just be awareness, but also should be behavior change. 
• The importance of a just corporate culture to encourage employees to report mistakes. 
• The difference between ‘must’ and ‘should’.
• Whether or not there is ever a role for blame in cybersecurity awareness training. 
• The fact that measurement of cybersecurity awareness programs is crucial. 
• Why if a user clicks on a phishing link, the failure happened much further upstream because a lot of technology had to fail to let that malicious email through, and why holistic remediation is necessary.

Phishiy Business - Beyond Awareness Training: How to Improve User Behavior

In this episode of Phishy Business, we take a look at bots. Listen in to learn more about what bots are, and what they do. Also, learn what can make them good…and what can make them bad. It would seem the answer lies within the intent of the person deploying them. Our special guests are Cyril Noel-Tagoe, Principal Security Researcher at Netacea, and our own Dr. Kiri Addison, Senior Product Manager at Mimecast. Cyril works to understand automated attacks to discover their aim and how to stop them; Kiri is a senior product manager and all-around cybersecurity expert who has a good amount of experience discovering and combatting malicious bots.
In ‘Shining a Light on Bots: The Good and the Bad’, we discuss:
• Some examples of good and bad bots, and how they can be used and misused.
• How bad bots are responsible for as much as 3% of revenue loss.
• That bots can be used in all kinds of cyberattacks, including phishing, and DDoS attacks.
• How bots can skew website metrics, which can falsify entire marketing campaigns.
• That bots are also used to automate tasks for cybercriminals such as validating credentials. 
• The fact that Marketing and IT teams should work together to understand the problem of malicious bots and discover how to best combat them.
• The ways bots can also be used defensively, against cyberattacks.
• How the fact remains:  If the promises of a product or service sound too good to be true, they probably are.

Phishy Business - Shining a Light on Bots: The Good and the Bad

In this insightful episode of the EMEA Threat Intelligence Webinar, we were privileged to host Damian Chung, Business Information Security Officer at Netskope as we ventured into risk, patching, and bug bounty programs

EMEA Cyber Threat Intelligence Webinar – Season 2 – Episode 8

In this EMEA Threat Intelligence Webinar episode, Andrew Williams, Sr. Prod Marketing, Mimecast TI and Ecosystem and Johan Dreyer, Field CTO joined by Roseann Guttierrez Technical Enablement Specialist, IBM Security, where they discussed Automation in Security Operations.

EMEA Cyber Threat Intelligence Webinar – Season 2 – Episode 7

For years, CISOs fought to get their boards to take cybersecurity more seriously. Mimecast’s 7th annual State of Email Security (SOES) 2023 report found that as cyber threats have multiplied, the business community has become increasingly sensitive to the danger and is demonstrating a greater willingness to confront it.

The cyber threats that have captured management’s attention are daunting. Join Mimecast’s expert panel as they share:

*Key findings from the State of Email Security 2023
*How today’s CISOs can capture their board’s attention on cyber risk
*Best practices to mitigate cyber risk with next-gen technology

State of Email Security 2023: Cyber Risk Commands the C-suite’s Focus

Many C-suite executives and company boards are advocating for greater cyber-transparency given the evolving nature of Ransomware and the syndicated ‘follow-the-sun’ models employed by organized crime. In this session, we’ll share new key findings on today’s rapidly changing threat landscape, how organizations can connect and optimize their security ecosystems to fight back against ransomware, and explore how SecOps professionals can help translate cyber-risk into business-risk.

The Risk of Ransomware and the Board’s Evolving Perceptions

In this episode of Phishy Business, we take a look at what has been called the smartest and biggest scam of the 21st century, OneCoin, a cryptocurrency that brought in $4 billion in investments via multi-level marketing and proved to be nothing but a scheme that made one woman who is still on the run very rich. This wasn’t a backroom con, but in fact, was perpetrated by a woman whose adoring fans filled an arena two years after OneCoin’s founding, and whose con took money from millions of people. Our special guest is Jamie Bartlett, author of The Missing Cryptoqueen: The Billion Dollar Cryptocurrency Con and the Woman Who Got Away with It, a book that started out as a podcast in which Jaime tells the all-too-true tale of Dr. Ruja Ignatova, the Oxford-educated fugitive who got away with billions.

In ‘The Billion Dollar Cryptocurrency Scam’ we discuss:
• How Jamie discovered this amazing story.
• A little background on cryptocurrency, its history, and how it works, as well as how Dr. Ruja presented a story and a cryptocurrency that was so appealing to so many people.
• How cryptocurrencies currently make ideal attack vectors for scammers.
• How FOMO is a very powerful tool in the cybercriminal arsenal.
• Why most people’s murky understanding of the tech behind cryptocurrency allowed the alleged victims to be more easily duped by Dr. Ruja and her real and impressive credentials.
• Why cries of OneCoin being a Ponzi scheme from the very beginning went unheeded by investors and regulators.
• How a simple selfie posted on social media can reveal a treasure trove of information for investigators.
• If the promises of a product or service sound too good to be true, they probably are.

Phishy Business- The Billion Dollar Cryptocurrency Scam

In this episode of Phishy Business, we take a look at the skills shortage being faced by IT departments when it comes to hiring cybersecurity experts and how the Absa Cybersecurity Academy is working with its partner, the Maharishi Institute, to assist in helping marginalized South African youth to become certified cybersecurity experts. Together, Absa and the Maharishi Institute are consistently working to develop a sustainable means to give youth the training they need to maintain careers and break the cycle of poverty they have been born into. Our special guests are Shenaaz Abrahams, who has made it her mission to ensure the Absa Academy is giving the most marginalized in her community access to cybersecurity training, and one of the Absa Academy’s success stories, student Kerwin Jacobs.
In ‘Closing the Cybersecurity Skills Gap Through Education and Opportunity’ we discuss:
• What the Absa Cybersecurity Academy is, and its aim
• The holistic learning experience at the Maharishi Institute, which includes a lot of self-development and getting to learn things like transcendental meditation
• Absa’s latest partnership with the Hein Wagner Academy and teaching cybersecurity skills to the visually impaired
• The opportunities for Africa to be a cybersecurity hub and how the continent can help plug the global skills gap while offering employment opportunities in a market with a high unemployment rate
• Why individuals from disadvantaged backgrounds – like those enrolled at the academy – make good cybersecurity professionals
• How the academy has impacted Kerwin’s life
• Some inspiring stories about other students enrolled in the academy

Phishy Business - Closing the cybersecurity skills gap through education

No two organizations are alike. Learn about the email protection in two different deployment options designed to meet varying requirements. Whether your environment is large or small, complex or straightforward, well-resourced or lean and mean, choice email security efficacy in the way that best meets your needs

Coffee Chat Series - Email Security Gateway versus Gateless

In this episode of the EMEA Threat Intelligence Webinar, Thom Bailey, Sr. Director, Strategy & Evangelism, was joined by Andrew Williams, Sr. Prod Marketing, Mimecast TI and Ecosystem, Johan Dreyer, Field CTO and Alex Peters, SE Manager Dach,  where they discussed whether ChatGPT is a friend or foe.

EMEA Cyber Threat Intelligence Webinar – Season 2 – Episode 6

Avoidable human error contributes to 90% of all cybersecurity breaches. No security strategy can succeed if it doesn’t help human beings make good choices when it matters most. Therefore, cybersecurity awareness training must work — but the problem is, too often, it doesn’t. Learn what you can do to train your staff or colleagues on becoming cyber aware.

Mimecast Coffee Chat- Human element, Awareness Training

Emails are not limited to the virtual. For attack campaigns via collaborative platforms and email to be successful there usually needs to be the interaction between human and machine. This relies on an element of deception by the threat actor to lure the target to interact with the malicious entity contained within the communication, as a link, or as an attachment that takes them from the apparent safety of their internal environment to the external. This will often need to be launched through a user following an instruction in the communication, physically ‘clicking’ on the link, or opening an attachment. Research has identified1 that humans are the single biggest exploitable vulnerability within any network.

Countering Cyber Deception to Mitigate Risk

Mimecast

Cybersecurity

IT Security

Threat Intelligence

Threat Defence

Security vulnerability

CISO

Cloud Security

Email Security

Cloud computing has exploded over the past few years, delivering a previously unimagined level of workplace mobility and flexibility. The cloud computing community on BrightTALK is made up of thousands of engaged professionals learning from the latest cloud computing research and resources. Join the community to expand your cloud computing knowledge and have your questions answered in live sessions with industry experts and vendor representatives.

Cloud Computing

The IT security community on BrightTALK is composed of more than 200,000 IT security professionals trading relevant information on software assurance, network security and mobile security. Join the conversation by watching on-demand and live information security webinars and asking questions of experts and industry leaders.

Increasing expectations for good governance, effective risk management and complex demands for corporate compliance are presenting a growing challenge for organizations of all sizes. Join industry thought leaders as they provide you with practical advice on how to implement successful risk and compliance management strategies across your organization. Browse risk management resources in the form of interactive webinars and videos and ask questions of expert GRC professionals.

IT Governance, Risk and Compliance

The unexpected nature of natural disasters and other disruptive events means that preparation is key to managing disaster recovery and business continuity planning. Join the business continuity and disaster recovery community for live and recorded presentations discussing best practices for business continuity planning, disaster recovery programs and business continuity management. Learn from BCDR experts to develop your critical infrastructure and gain insight into tactical solutions to your BCDR issues.

Business Continuity / Disaster Recovery

As an IT professional, many of the problems you face are multifaceted, complex and don’t lend themselves to simple solutions. The information technology community features useful and free information technology resources. Join to browse thousands of videos and webinars on ITIL best practices, IT security strategy and more presented by leading CTOs, CIOs and other technology experts.

Countering Cyber Deception to Mitigate Risk

Presented by

About this talk

More from this channel