Hi [[ session.user.profile.firstName ]]

Trends in Email Fraud, and How to Prevent Enterprise-Facing Email Attacks

Email is the most popular communication tool, as well as the entry point for up to 95% of security breaches. As cyber criminals evolve their techniques, targeted, enterprise-facing email attacks are rapidly increasing, fueled by an almost inexhaustible supply of potential victims and the tremendous profits awaiting successful fraudsters.

This talk will provide an overview of both the technical and psychological principles these criminals take advantage of, shedding light on why traditional defenses continue to fail. We will then describe a set of new defense mechanisms that enable enterprises to stop these attacks and review the results of early experiments with these approaches, which offer a new perspective on ways to prevent email fraud.

Presenter:
Dr. Markus Jakobsson is a security researcher with interests in applied security, ranging from device security to user interfaces. He is one of the main contributors to the understanding of phishing and crimeware, and is currently focusing his efforts on human aspects of security and mobile security.
Recorded Dec 7 2016 50 mins
Your place is confirmed,
we'll send you email reminders
Presented by
Markus Jakobsson, Chief Scientist, Agari
Presentation preview: Trends in Email Fraud, and How to Prevent Enterprise-Facing Email Attacks

Network with like-minded attendees

  • [[ session.user.profile.displayName ]]
    Add a photo
    • [[ session.user.profile.displayName ]]
    • [[ session.user.profile.jobTitle ]]
    • [[ session.user.profile.companyName ]]
    • [[ userProfileTemplateHelper.getLocation(session.user.profile) ]]
  • [[ card.displayName ]]
    • [[ card.displayName ]]
    • [[ card.jobTitle ]]
    • [[ card.companyName ]]
    • [[ userProfileTemplateHelper.getLocation(card) ]]
  • Channel
  • Channel profile
  • Quantifying Cyber Risk to Board Members and C-Suite Mar 20 2019 9:00 pm UTC 60 mins
    Gaurav Banga, Founder and CEO, Balbix
    Today, most C-suite and boardroom discussions on cybersecurity are based on gut feelings and incomplete data. Many CIOs and CISOs are quite uncomfortable in these meetings, mainly because they know that they only have a vague idea about the enterprise’s overall cybersecurity picture and are forced to pretend they know what’s going on.

    If a major cybersecurity incident happens, some senior executive becomes the scapegoat. Everyone agrees to increase cybersecurity spending and tighten things up. Then the cycle continues, but nothing really changes. How can we all do better?

    Join Gaurav Banga, Founder and CEO of Balbix as he discusses:
    - Behind-the-scenes deliberations in the board room
    - Challenges in understanding and measuring the enterprise security posture
    - What a mature and cyber-resilient security posture looks like
    - How you can get there

    Gaurav Banga, PhD is the founder and CEO of Balbix, and he also serves on the boards of several companies. Before founding Balbix, Gaurav was the co-founder and CEO of Bromium and led the company from its inception for more than five years.
    Earlier in his career, Gaurav served in various executive roles at Phoenix Technologies and Intellisync Corporation. He was also co-founder and CEO of PDAapps, which was acquired by Intellisync in 2005. Gaurav started his industry career at NetApp. He has a doctoral degree in computer science from Rice University. He is a prolific inventor with
    more than 60 patents.
  • Creating a Cybersecurity Culture Mar 20 2019 3:00 pm UTC 44 mins
    Heather Stratford, CEO of Stronger.tech
    For the last 2 decades, technology security was delegated to the IT team. It was role specific and designated for one small subsection of the IT team. That mentality and way of thinking must change.

    A paradigm shift is required for the whole organization. Every part of the organization contributes to the success or failure of the organization. Creating a security culture is not a one-time event, it is a new way of talking and acting.

    Join this webinar with Heather Stratford, CEO of Stronger.tech to:
    - Understand the steps that need to happen to create this culture
    - See where your organization is on the scale of creating a Strong Security Culture
    - Learn why creating a security-minded culture is an essential part of the "new" requirements for a CIO.
  • Cost of Data Breach: An Ounce of Prevention is Worth a Pound of Cure Mar 20 2019 9:00 am UTC 60 mins
    Athar Awan, Cyber Security Professional
    In this webinar, we will be talking about not only the cost of data breaches but also impact of breaches and lesson learned for businesses, trends to reduce the risks and finally conclusion about how to prevent data breaches.
  • Demystifying Cyber for the Board and Beyond Mar 19 2019 4:00 pm UTC 60 mins
    Griff James, Director, Damrod Analysis Ltd
    Successful security programs explain the situation, the risks, and the options available in a way that is both simple and true. Damrod draws on military analytical frameworks to develop map models that accurately depict the cyber terrain and guide the generation of a series of overlays. These build to create an Effects based plan suitable for Governance, Risk, and Compliance needs.

    Join this webinar for an introduction to the cyber-as-conflict model developed by Damrod.
  • Live Webcam Panel: Operationalizing Cybersecurity Mar 19 2019 3:00 pm UTC 60 mins
    Michelle Drolet, Towerwal, Amy McLaughlin, Oregon State University and Ariful Huq, Aporeto
    Cybersecurity, much like safety, cannot be achieved - it is an ongoing process that changes and adjusts to respond to the threat landscape, business needs and resources. As essential a cybersecurity strategy is to the enterprise, so is the implementation of it.

    Join us for an interactive Q&A panel with security leaders to learn more about how to operationalize cybersecurity.

    Topics up for discussion:
    - Making information security relatable
    - Building security programs
    - Defining your cybersecurity strategy
    - Translating your cybersecurity strategy into a risk management plan
    - Operationalizing your cybersecurity strategy
    - Using the maturity capability model for measuring success

    Moderator:
    Michelle Drolet, CEO, Towerwall
    Panelists:
    Amy McLaughlin, Director of Information Services, Oregon State University
    Ariful Huq, Director of Product Management, Aporeto
  • Cyber Security Panel: The Case for Optimism Mar 19 2019 2:00 pm UTC 60 mins
    Griff James, Wyatt Hoffman, Alan Mears and Gina Yacone
    There is too much fear and derision from the old guard of cybersecurity. Big breaches are used as justification for sales pitches and pedestals to mock the victims. While it is undeniable that cybercrime continues to grow, and future of cyber conflict is contested, there is good cause to think we are doing better than we imagine.

    And that we can win in the future.

    No competitive team enters a contest with a ‘let’s catch up’ mentality. Leaders inspire us to victory. CISO’s need to fill to role of champion and present a positive message – ‘we can win’.

    Join this talk with industry thought leaders as we discuss the state of the conflict and emergent tactics from AI to insurance that promise to re-define cyber defence.

    Moderator:
    Griff James, Director, Damrod Analysis Ltd
    Panelists:
    Wyatt Hoffman, Senior Research Analyst, Cyber Policy Initiative, Carnegie Endowment for International Peace
    Alan Mears, Associate Director, Risk Advisory, Deloitte LLP
    Gina Yacone, Cybersecurity & Threat Intelligence Consultant, Agio
  • What do you get when you cross a CEO and a CISO’s strategy Mar 19 2019 1:00 pm UTC 45 mins
    Mark Chaplin, Principal, ISF
    While the board ‘get cyber’, questions remain around embedding cyber risk management into business strategy execution. For many CISOs, strategy alignment represents the best opportunity to engage with the board and ensure a business-driven approach to managing cyber risk.

    So how should business leaders develop, update and execute business strategy with so many cyber-related implications? How can organisations meet their business goals, against a backdrop of increasing cybersecurity costs, greater regulatory scrutiny and increased frequency and magnitude of data breaches?

    In this webinar, Mark Chaplin, Principal, ISF will discuss the significance of aligning security strategy with business strategy. Mark will draw on executive engagement, exploring the essential factors for success and highlighting the pitfalls to avoid.
  • The Threats of 2019 Mar 19 2019 11:00 am UTC 48 mins
    Bogdan Botezatu, Director of Threat Research and Reporting, Bitdefender
    What threats can we expect to see in 2019, and how do we make sure we're prepared?

    Join Bitdefender Director of Threat Research and Reporting, Bogdan Botezatu to discuss research-based predictions on the biggest threats of 2019. He'll walk through the future of cryptojacking, advanced persistent threats (APTs), network-level exploits, IoT attacks, and others and provide recommendations on the industry's best defenses against these threats.
  • Best Practices in Threat Hunting: Optimizing the Anomalous Activity Search Recorded: Mar 13 2019 44 mins
    Brenden Bishop, Data Scientist, the Columbus Collaboratory
    Join us for this webinar that will present an advanced data science approach to detecting anomalous behavior in complex systems like the typical corporate network that your IT Security team is trying to defend. Generalized anomaly detectors, without tuning for a specific use case, almost always result in high false alarm rates that lead to analyst alert fatigue and a detector which is effectively useless. In this session, Brenden Bishop, Data Scientist at the Columbus Collaboratory, will present an open source tool and best practices for building specific, repeatable, and scalable models for hunting your network’s anomalies. Through iteration and collaboration, defenders can hone in on interesting anomalies with increasing efficiency.
  • [Earn 1 CPE] Revitalizing Access Control Programs: Intelligent Automation Recorded: Mar 7 2019 64 mins
    Colin Whitaker, Informed Risk Decisions; Phil Shomura, Senior Product Manager, ACL
    Access control, a critical component of IT security compliance programs, ensures that organizations protect confidential information, like intellectual property and customer data. But your access management program can easily become outdated and static—especially if you rely on manual control testing and user access administration tasks.

    By using robotics and process automation, or RPA, you can tackle some of the common challenges associated with access control programs. RPA works 24/7, reduces human error, and saves employees from manual, repetitive tasks. RPA might be the key to advancing your access control program.

    Join this CPE webinar for insights into how you can reduce costs, increase efficiency and improve the effectiveness of your access control program with RPA. We will share:

    - How to get started with an access control program.
    - Ways to evaluate the right tools to automate processes at a task level, and align to your process automation strategy.
    - Practical steps you can take to see value from advanced analytics in risk management, compliance, and continuous monitoring programs.
    - How to embed governance, risk management, and controls into your enterprise’s mobilization and deployment of RPA, so you can catch issues before they arise.
  • Distinguish Signal from Noise: Find Threats in Your Security Sensor Data Recorded: Feb 27 2019 45 mins
    Slava Nikitin, Data Scientist, The Columbus Collaboratory
    Join us for this webinar that will recommend how to deal with your “big data” problem when dealing with the massive volume of raw, unprocessed data points from your network security sensors. Hint: don’t start with the data and attempt to drill down to the problem. Instead, as Slava Nitikin, Data Scientist from the Columbus Collaboratory will explain, you must start by the defining problem, building a threat model, and then focusing on the corresponding signals in your sensor data. We will walk through the use case for an Active Directory password spraying attack to demonstrate how to define and apply appropriate filters to your security data for faster detection, more accurate threat scoring and more effective security overall.
  • Benchmarks for Corporate Cybersecurity Recorded: Feb 26 2019 62 mins
    Marilia Wyatt (WSJ Pro Cybersecurity), Lou Celi (ESI ThoughtLab) and Kim Landgraf (Security Industry Association/SIA Women)
    Presented by WiCyS and SIA...

    This webinar from Women in CyberSecurity (WiCyS) and the Security Industry Association (SIA) will present the findings of The Cybersecurity Imperative research project produced by WSJ Pro Cybersecurity and ESI ThoughtLab and sponsored by SIA. We will share insights into how 1,000-plus organizations around the globe measure their cybersecurity preparedness and how they are preparing for future cyber threats.

    In this 45-minute program, we’ll also share a new tool that allows you to compare your own organization’s preparedness to the aggregated data of study participants.

    Expect to Learn:
    •Current threats organizations are facing
    •Cyber risk management approaches
    •Where organizations plan technology and staffing investments for cybersecurity
    •The impact of cybersecurity “maturity”
    •The costs of cybersecurity breaches

    Presenters:
    •Marilia Wyatt (WSJ Pro Cybersecurity)
    •Lou Celi (ESI ThoughtLab)
    •Kim Landgraf (Security Industry Association / SIA Women in Security Forum)

    Interviewer:
    •Taly Walsh, Executive Director (WiCyS)
  • Rethinking the Human Risk Recorded: Feb 21 2019 47 mins
    Flavius Plesu, Head of Information Security, Bank of Ireland (UK)
    Are traditional awareness raising campaigns (e.g. CBT, phishing simulations) affording sufficient protection against ever evolving cyber-attacks? With human errors being the #1 cause of security incidents and data breaches, it is now a CISO imperative to tackle behavioural change and effectively manage the human risk. This recognised need reflects the acceptance that how the workforce behaves is dependent on the shared beliefs, values and actions of its employees, and that this includes their attitudes towards cybersecurity.

    Key topics covered in this presentation:
    • People-related challenges and frustrations the industry is facing
    • Why a new approach to awareness and culture is required
    • Innovative approaches adopted by leading organisations

    Your organisation can only be secure if you make people your strongest defence. Attend this session to discuss how to turn your human risk into your biggest advantage in cyber security!

    Flavius Plesu:
    A business-focused cyber security leader, Flavius has held senior security positions both within the public and the private sector and has lead a number of enterprise-wide security transformation programmes, in complex global organisations. Passionate about solving real industry problems, cultivating and building teams to deliver on the organisation’s mission, values and goals.

    Alongside his role as a Head of Information Security at Bank of Ireland UK, Flavius is also one of the Founders of OutThink, a team of CISOs and security practitioners who are changing the way in which organisations engage with their employees to shape behaviours and manage human risk in the context of cyber security.
  • Critical Actions to Prevent a Data Breach in 2019 and Beyond [Recording] Recorded: Feb 20 2019 76 mins
    Panelists: Nick Hayes, Forrester; Idan Shoham, Hitachi-ID; Jason Bonds, Ping Identity; Perry Carpenter, KnowBe4
    * This is a recording so CPE credit is unavailable.

    Today’s organizations face a cybersecurity landscape more difficult to navigate than ever before. When it comes to data breaches, the risk for organizations is high, from the easily calculable costs of notification and business loss to the less tangible effects on a company's brand and customer loyalty. With large-scale data breaches continuing to make the headlines in 2018, organizations must be proactive, not reactive, in the face of looming cyber threats. Proactive threat intelligence can enable organizations to prevent breaches or compromises before they occur.

    On this webinar our panel of experts will discuss some critical actions organisations can consider to prevent a data breach, and attendees will learn:

    - Strategies you can implement now to help you protect against a breach.
    - Best practices for gathering the intelligence to predict and prevent attacks.
    - How to use threat intelligence to improve your organization’s security posture and reduce the risk of an attack.
    - Steps to fortify your last line of defense.
  • Response and Mitigation Tactics While Under Fire Recorded: Feb 20 2019 42 mins
    Liviu Arsene, Global Cybersecurity Analyst, Bitdefender
    Global cybersecurity analyst Liviu Arsene will discuss the response and mitigation steps organizations should take while in the midst of an attack. He'll share best practices for combatting the attack, as well as steps that should be taken to notify clients, assess damage, and learn from the breach to build defenses against future attacks.

    Liviu Arsene is a global cybersecurity analyst for Bitdefender, with a strong background in security and technology. Reporting on global trends and developments in computer security, he writes about malware outbreaks and security incidents while coordinating with technical and research departments. His passions revolve around innovative technologies and gadgets, focusing on their security applications and long-term strategic impact. When he's not online, he's either taking something apart or putting it back together again.
  • The Orchestration Journey in Incident response Recorded: Feb 20 2019 45 mins
    Andy Yeates, Solutions Architect, IBM Resilient
    Organisations today need to be agile, and dynamic in responding to the most advanced cyber threats, and although automation has it's place in improving SOC efficiencies, human intelligence is still one of the most important aspects in effective incident response.

    In this session learn more about the journey to Intelligent orchestration and how leveraging it in an uncertain world can empower your organisation.
  • Delivering an Effective Cyber Security Exercise: Enhanced Breach Response Recorded: Feb 20 2019 45 mins
    Daniel Norman, Research Analyst, ISF
    Organisations are constantly under threat with over two-thirds of them experiencing data breaches in 2018. As a result, preparedness and resiliency are paramount to protecting an organisation’s information from cyber attacks.

    Business leaders and their security teams can improve their ability to handle cyber attacks by running cyber security exercises. These exercises should help the organisation identify areas of improvement in people, process and technology, reducing the impact should a real cyber attack occur.

    In this webinar Daniel Norman, Research Analyst, ISF will share how organisations should approach running internal cyber security exercises to support breach identification, prevention and response.
  • Best Practices for Protecting Your Business from Cybercrime Recorded: Feb 19 2019 62 mins
    Michelle Drolet (Towerwall), Michael Thelander (Venafi), William Peteroy (Gigamon), Kalani Enos (kenos)
    Cybercrime has evolved from random activities being carried out by individuals into a billion dollar illegal industry that continues to grow. How is cybersecurity keeping up with the rise of cybercrime?

    Join this panel of security experts to learn more about:
    - Trends in cybercrime and lessons learned in 2018
    - The cost of data breaches
    - Rise of cryptojacking and ransomware
    - Who are the players who make up the world of cybercrime (e.g. programmers, distributors, fraudsters, etc.)
    - The CISO vs the cybercriminal
    - Best practices for protecting your business

    Speakers:
    - Michelle Drolet, CEO, Towerwall
    - Michael Thelander, Director of Product Marketing, Venafi
    - William Peteroy, Security CTO, Gigamon
    - Kalani Enos, Founder & CEO, kenos Technologies (Moderator)
  • Top Cybersecurity Threats and 2019 Predictions Recorded: Feb 19 2019 37 mins
    Kelvin Murray, Sr. Threat Research Analyst, Webroot
    Small and medium-sized businesses are major targets for cybercriminals. To stay safe, today’s businesses must understand the different types of cyberattacks they may encounter and implement strong cybersecurity practices.

    Register for this 30-minute webinar on the key threats businesses faced this year and what's upcoming in 2019 to get details and tips that will help you keep your business and clients safe. Our Threat expert will be discussing ransomware, banking Trojans, phishing and all the crypto-crime that’s wreaking havoc on IT pros.

    Book your place and get some key insights, including:

    · 2019 Threat Landscape Predictions
    · Observed business trends (how businesses worry about the wrong threats)
    · Where stolen data/information ends up
    · Long term effects of data theft
  • IoT Series [Ep.3]: IoT Essentials -- Selecting a Vendor Recorded: Feb 12 2019 49 mins
    Johna Till Johnson, CEO & Founder, Nemertes Research
    Selecting a vendor partner (or partners) is one of the most critical decisions enterprises will make on their IoT journeys. The right partner makes all the difference: enterprises with top-ranked partners report greater success in generating revenue, cutting costs, and optimizing business processes via IoT.
    • Who are the right providers?
    • What are the critical factors to consider in selecting one?

    This webinar reviews the provider landscape and highlights critical selection factors for companies of all sizes and industries.
The latest trends and best practice advice from the leading experts
This channel features presentations by leading experts in the field of information security. From application, computer, network and Internet security to access control management, data privacy and other hot topics, you will walk away with practical advice for your strategic and tactical information security initiatives.

Embed in website or blog

Successfully added emails: 0
Remove all
  • Title: Trends in Email Fraud, and How to Prevent Enterprise-Facing Email Attacks
  • Live at: Dec 7 2016 7:00 pm
  • Presented by: Markus Jakobsson, Chief Scientist, Agari
  • From:
Your email has been sent.
or close