Name: One Million Office 365 Phishing Misses, Explained
Start: 2020-11-18T23:50:00Z
End: 2020-11-18T23:51:01.000Z
Location: BrightTALK
Rating: 5

Area 1 Security stops phishing attacks preemptively and comprehensively across email, web, and network traffic. Phishing is the #1 cyberattack vector and over 95% of all breaches begin with a phishing attack—making phishing the cause of financial losses, data exfiltration and brand damage to organizations large and small. 

By looking at phishing comprehensively and preemptively; and leveraging a cloud-native architecture, Area 1 Security has found great success in helping F500 customers secure their move to the cloud while supporting the needs of their global and mobile end-user base.

Aligning your cybersecurity approach to frameworks like MITRE ATT&CK can be an effective tool, applicable to any industry. And while phishing is just one adversary tactic mentioned in “initial access”, MITRE ATT&CK can guide a comprehensive email security strategy — to ensure that you effectively stop malware, ransomware, credential theft, Types 1-4 BECs and other advanced threats.

Phishing and the MITRE ATT&CK Framework

The increase of sensitive data stored and shared via email, combined with the growing prevalence of phishing attacks exacerbate cybersecurity risks. Phishing is the root cause of 95% of breaches, while poor visibility and control of cloud email create data governance challenges for 90% of organizations. Traditional approaches come up short, missing phishing campaigns and preventing organizations from controlling and monitoring email once it’s shared.

Virtru and Area 1 Security deliver seamless, end-to-end encryption and advanced cloud email security for maximum security ROI, protecting organizations from phishing attacks while keeping email contents protected everywhere they’re shared.
What You’ll Learn:

Key trends related to the evolving email threat landscape and how traditional email security approaches fail to address emerging challenges, putting organizations at risk of data breaches, privacy violations, and noncompliance penalties.

Virtru and Area 1’s best-of-breed joint solution for encryption and cloud email security that helps organizations strengthen their security posture.

How Area 1 proactively hunts and intercepts sophisticated phishing campaigns like Business Email Compromise, which look innocuous to cloud email suites — all while reducing time spent on phishing investigations by up to 90%.

How Virtru’s end-to-end encryption, persistent control, and granular audit protect email everywhere it’s shared to keep email and attachments private and compliant.

Deliver Best-of-Breed Cloud Email Security  & Encryption

So far this year, Area 1 has intercepted $273 MILLION+ in active Business Email Compromise — phishing attempts that were missed by Office 365, email gateways and other traditional defenses.

Even with ATP, if you’re missing a purpose-built, cloud-native email security layer, your Office 365 users are at risk for Business Email Compromise phishing and other advanced threats.

Join Area 1’s Sr. Product Manager and former CISO of Guess? Inc, Kevin Wilson, along with Dominic Yip, Director of Sales Engineering, on Aug. 27th to understand:

How bad actors evade Office 365’s ATP, email authentication and other security layers to successfully phish your users

Recent examples of BEC and other phishing campaigns that bypassed Office 365 defenses, but were blocked by Area 1

How to boost Office 365’s native security with six cloud-native techniques, such as campaign source analytics, conversational context analysis, partner social graphing and more

Attendees will also receive a complimentary copy of Gartner’s 2020 “Protecting Against Business Email Compromise Phishing Attacks” report.

Microsoft Office 365, Compromised

You’ve tuned your email security, and configured DMARC correctly, yet your employees are still getting phished. Why? 

Email authentication and sender reputation were designed to help brands deliver their email messages properly to inboxes; but they were not designed to help protect your organization from the most sophisticated phish. In fact, our co-founder/CSO, Blake Darché, and our principal security researcher, Javier Castro, will demonstrate through the creation of a real-time live attack, that even when you deploy DMARC for your domain:
It’s easy it is to establish a new phishing domain that exploits trusted infrastructure
It’s fast to set up DMARC, SPF and DKIM policies for new phishing domains in order to reach inboxes
You need to detect phish beyond email authentication via comprehensive message analysis, computer vision, domain registration checks, and other techniques beyond email authentication. 

Attackers know the DMARC basics, and can easily exploit trusted infrastructure and new domains to compromise  your trusted business partners or internal employee accounts to get phishing emails into your inbox.

See how easy it is to set up a phishing campaign that evades email authentication and lands in your inbox - and what you should do, instead.

Bypass DMARC in 60 Minutes or Less

Pour an afternoon drink and join a virtual happy hour to discuss Cybersecurity’s crucial role in times of crisis. Jeb Linton, CTO of IBM’s Partner Ecosystem and Cognitive Security, Kevin Wilson, former Guess? Global Information Security Officer, and other security experts will discuss the persistent trends and attack types brought on by the COVID-19 pandemic that continue to plague IT infrastructure. How can cybersecurity professionals lead when it comes to balancing work culture disruptions, the economic downturn and realities of budget constraints — all while bad actors continue to ramp up their efforts to infiltrate organizations?

The Role of Cybersecurity in Times of Crisis

Protecting Microsoft Office 365 from phishing attacks - the #1 cause of cyber breaches - presents a massive challenge. Your organization’s inboxes are prime phishing targets, and bad actors have already adapted their efforts to the cloud. Far from being a barrier, O365 is a tool for cybercriminals.

5 Ways to Improve Office 365 Email Security

The “Seven CISOs You Meet in Hell” are the CISOs that fail to learn from history’s mistakes … who stay stuck in common cybersecurity pitfalls,  instead of strengthening their cybersecurity posture.

7 CISOs You Meet in Hell... And How Not to Become the 8th

The Covid-19 era’s large remote workforce and tax-related phishing scams means all organizations are at significantly greater risk of damaging financial cybercrime. Yet, even tools like Office 365 with ATP, DMARC, DKIM and SPF fail to stop these phishing attacks.

How to Stop Financial Phishing Attacks

Effective Cybersecurity in the Days of COVID-19

Pour yourself an afternoon drink and join an uninhibited panel discussion where experts will take your questions and try to ease your cybersecurity pain. We’ll focus on how leaders are managing people, process and technology through these challenging times, to keep their organizations secure.

Our moderator and panel experts will share their unfiltered and provocative perspectives.

So register now, share your questions, and our panelists will give you their take on the most challenging and controversial issues you’re facing these days.

Security Straight Shooters

Your people need the productivity that collaboration tools like Zoom, G Suite, Slack, MS Office, Teams and others give them. And you need to ensure that your newly-expanded remote workforce can’t be preyed on by hackers.

How do you manage both, as phishing attacks that exploit employees’ fears about the novel coronavirus increase dramatically?

In this webinar you’ll get insights from Area 1’s lead threat researcher on:

- How more use of collaborative apps enables phishing and breaches
- Specific techniques employed in sophisticated cyberattacks
- How to block these attacks systematically

You’ll hear about other Fortune 500 companies’ experiences and strategies you can apply to your own business.

How to Secure Remote Workers Now

Business Email Compromise attacks increased by nearly 100% in 2019 — and cost businesses over $1.7 billion in losses. Yet, according to a new Gartner report, traditional email inspection techniques are ineffective at detecting BEC phishing — least of all the new generation of BEC attacks.

The new generation of BEC attacks exploits the weakest links in your digital chain: your trusted suppliers and business partners.
Join the “Business Partner, Compromised” On Demand Webinar and learn:

   -  How BEC phishing techniques have evolved over the past decade
    - The differences between stopping BEC phish from spoofed CEOs vs. infiltrated supply chains
    - How to uncover and close anti-BEC phishing gaps in your SEG, cloud email and DMARC defenses
    Why the remote workforce is particularly susceptible to BEC phishing in the COVID-19 era

Business Partners, Compromised

A new study analyzing nearly 1.5 billion messages sent to customers that use Microsoft as their email provider found that nearly 1 million malicious emails bypassed Office 365 and well-known SEGs, in just one six-month period.

In this webinar with live Q&A session, Area 1’s Senior Threat Researcher, Juliette Cash, and Director of Sales Engineering, Dom Yip, will share the details behind the new “Phishing with the Cloud: One Million Ways Attackers Breach Office 365 Email” threat report.

One Million Office 365 Phishing Misses, Explained

O365

Phishing

Cloud Email Security

Cyber Security

The IT security community on BrightTALK is composed of more than 200,000 IT security professionals trading relevant information on software assurance, network security and mobile security. Join the conversation by watching on-demand and live information security webinars and asking questions of experts and industry leaders.

IT Security

As an IT professional, many of the problems you face are multifaceted, complex and don’t lend themselves to simple solutions. The information technology community features useful and free information technology resources. Join to browse thousands of videos and webinars on ITIL best practices, IT security strategy and more presented by leading CTOs, CIOs and other technology experts.

One Million Office 365 Phishing Misses, Explained

Presented by

About this talk

More from this channel