Bait the Phishing Hook: How To Write Effective Social Engineering Emails
Phishing is used in more than 9 out of 10 targeted attacks, making them an important part of your security assessments and user education. In this webinar for security professionals, Chris Hadnagy talks about how to write effective social engineering emails both for phishing campaigns as part of a penetration test and for simulated phishing campaigns to measure awareness.
Participants will learn about:
Latest phishing trends from cyber-criminals and foreign nations
Using spear phishing in targeted attacks as part of your security assessments
How to run phishing simulations to measure user awareness
Social engineering approaches to trigger user behavior
Examples of field-proven phishing emails
RecordedDec 12 201347 mins
Your place is confirmed, we'll send you email reminders
With confidential data under attack on many fronts, it is time to look at how encryption can protect data access and what your business could be doing to employ encryption, from servers to endpoints to removable media.
Nicholas J. Percoco, Director – Information Protection, KPMG
This presentation will take a look at the current state of the payment industry and provide experienced-based insight into why this industry continues to become a victim of data breaches. We’ll discuss short comings associated with the current controls employees by many merchants and payment processors and what new tactics can be applied to provide attack mitigations.
In today’s world of advanced persistent threats, security professionals need to implement new methods and strategies to gain the upper hand in protecting their business. Thinking like an attacker isn't really good enough. However, incorporating hacker methodologies & tools will give security teams the situational awareness and intelligence needed to respond quickly to new & previously unknown threats.
Thinking like an attacker isn't good enough, nor are traditional solutions, as smart adversaries already know which technologies they'll disable on your system. However, incorporating the right hacker-like methods and tools can give security teams a new level of situational awareness and context needed to respond quickly to targeted, persistent threats.
Attendees will learn a new approach consisting of four fundamentals: Detect, Remediate, Analyze and Resist. The presentation will provide detailed information including how to:
• Use attacker technology and tools against adversaries to detect their presence on all endpoints
• Incorporate the same stealth techniques that attackers use to remain hidden from you - so you can monitor them
• Leverage forensics at the point of attack to better understand the overall threat
• Use big data analytics to collect and analyze behavioral data across the enterprise
Rocky DeStefano, VP Strategy and Technology, Click Security
Advanced adversaries refining techniques hourly against a highly complex and constantly evolving enterprises with a Security team that is overwhelmed at a disadvantage immediately causes a chasm in overall Risk for most organizations. Learn how the best teams create more defensible state through enhanced visibility and advanced analytics in order to reduce the risk gap and quickly close any window of opportunity for an attacker.
Jay SCARAMAZZO, CIPM, CIPP/E, CIPP/US, CIA, CISA, CRISC, CRMA, ACDA, CSPO, CIFE, MBA
Data Encryption has been spoken about for years, but finally ENCRYPTION importance has come front-page. From the recent Snowden NSA Affair to major data breaches at Target, companies now have no choice but to consider securing their data at the source.
This presentation will introduce you to your responsibilities in providing your customers with the Due Diligence (Risk Control and Executive Management Oversight) and Due Care (Continuous Monitoring through Security Practices, Procedures, Policies, Processes and Standards) that their personal data deserves.
ESET security researcher Lysa Myers reports on developments in healthcare IT system security that she observed attending the recent HIMSS conference in Orlando. Find out what is being done to better protect patient data privacy.
Dr. Ron Ross, Computer Security Division, Information Technology Laboratory
In this webinar, Ron answers the question, "how do we provide for the common defense in the digital age?" With continuous advances in technology, this question can pose a big problem for organizations developing or modifying a security strategy.
Join Ron as he covers the basics of defense against the most problematic vulnerabilities, the tools at your disposal to fight them, and a T.A.C.I.T security strategy that you can implement today in your organization.
Davi Ottenheimer, Senior Director of Trust, EMC Corporation
The rising scale and complexity of IT has opened more opportunities than ever for abuse and attack. Can our latest advances in data science and software-based environments also redefine threat and risk management options? This presentation highlights examples of new and innovative approaches that successfully have reduced risk even across different-sized organizations.
Privacy risk mitigation is not just regulatory compliance. The public is setting the tone for what is appropriate for information that is not yet regulated. And it is within that space, the unregulated space, where the big risks and career opportunities lay. Tune in to hear how privacy is an emerging disruptive force in infosec.
Michael Shaulov, co-founder and CEO of Lacoon Mobile Security
Hear from mobile security experts how mobile attacks are perpetrated and what can be done to stop them. Michael Shaulov, co-founder and CEO of Lacoon Mobile Security, will discuss the current mobile threat landscape and the anatomy of emerging iOS and Android attacks. He will explain why existing security solutions are simply not equipped to protect enterprises from the emerging advanced mobile threats facing most enterprises today. Shaulov will also provide the new requirements for security in this mobile age and detail the capabilities needed to effectively detect and mitigate the wide variety of mobile threat vectors. Attendees should walk away from this presentation with a clear understanding of the risks they are facing and how they can effectively manage and embrace mobility, without fear.
John Masserini, VP & Chief Security Officer, MIAX Opt and Bruce Tolley, Phd, VP Solutions and Technical Marketing, Solarflare
At this webinar attendees will learn the top five audit, compliance and security challenges facing IT managers and network architects today and hear an overview of the solutions available to identify and respond to these challenges. No single solution can address the rigorous requirements for audit and compliance as well as the dynamic nature of the security threats facing enterprise and service provider networks. This webinar will review three practical use cases that can be implemented immediately, offer tips to help you evaluate both "bump in the wire" and "bump in the stack" best-in-breed products, and discuss how to integrate various products with security information and event management (SIEM) systems. Attendees will leave this session with a clear understanding of the top five things they can do to improve network monitoring and security in their network.
A portion of this webinar includes a presentation by John Masserini, VP & Chief Security Officer, MIAX Options titled, "Advanced Intelligent Threat Management"
Advanced Intelligent Threat Management is the ability to leverage the multitude of public & private sources into a cohesive threat indicator. By analyzing the various threat indicators and understanding the reliability of those sources and how to integrate them into the overall risk profile. By using Open Source big data tool suites, you are able to determine, in near-real time, the potential impact of an threat has to your specific organization. This presentation will give a brief, high level overview of the technologies and approaches to leveraging existing systemic information and external threat indicators to develop a more proactive security program.
Winn Schwartau, CEO, The Security Awareness Company
The Show Must Go On! How Stevie Wonder, Paul Simon, Bob Marley and Charlie Daniels prepared me for the Security Industry. This highly entertaining and relevent presentation maps the skills needed in my first career as a recording engineer for live productions to best practices for cyber security incident reporting and escalation. A great case for interdisciplinarianism.
Our cyber-security education system fails to train adequately. We don’t teach history – to our own detriment. We don’t create a foundation of actionable knowledge, instead relying on book knowledge. We don’t explore interdisciplinary synergies and we have failed to embrace failure as a well-earned skill set. In the music business, we had to deal with constant failures, beginning with equipment malfunctions in our DIY world. We had to be able to fix on the fly and deal with the human foibles of musicians and unions (i.e., users).
Join me in looking at decades of technology and how so much of we have all learned in “Prior Lives” can be the live lessons for how we deal with information security.
Richard Moulds, Thales e-Security VP of Strategy and Product Marketing
Addressing virtually any of the current security mega-trends – government surveillance, privacy regulation, BYOD, cloud computing and big data - drives the need for more cryptography across core systems infrastructure and critical business applications. Whether encrypting sensitive data, strengthening IDs and credentials or digitally signing documents and software the actual security benefits you gain depend heavily on how you manage your cryptographic keys. Key management is not a simple task and it carries with it serious business continuity issues, real operational costs and is frequently a point of scrutiny for auditors. The days of using spreadsheets and thumb drives for managing cryptographic keys are numbered.
During this session we will look at the types of keys that organizations have to manage, and how the key management challenge varies across multiple use cases in the enterprise. We’ll cover developments in the area of key management technologies, new standards that are emerging and preview the results of a global survey on the use of encryption and key management practices.
45% of data breaches reported in 2013 were from the medical and healthcare sector. ESET researcher Lysa Myers looks at information security in the healthcare industry and how we can do better when it comes to protecting the privacy of patient data.
Manish Gupta, SVP of Products, FireEye; Dave Merkel, CTO and VP of Products, Mandiant
On January 2, FireEye announced that it had acquired Mandiant, the leading provider of security incident response management solutions, creating a united front against cyber threats.
In a live webinar with FireEye and Mandiant executives, learn why traditional security technologies are unable to address today's threat landscape and why complete, continuous threat protection requires real-time detection, contextual threat intelligence, and rapid incident response.
Why you should attend:
•Learn about the FireEye acquisition of Mandiant.
•Understand today's threat landscape, including the damage being caused from new advanced techniques.
•Discover how FireEye and Mandiant together stop advanced attacks at the earliest phases of the attack lifecycle.
Stephen Cobb, Sr. Security Researcher, ESET North America
With consumers and customers more concerned than ever about their data privacy, you need to be sure your business is doing enough to protect personally identifiable information (PII). ESET security and privacy expert Stephen Cobb explains how smart privacy strategies not only protect your company, but win you more business.
Did you know that more than 1.5Bn mobile devices will be shipped in 2016? These devices are more powerful than ever, empowering users to access, share, and collaborate on information in new ways that we never thought possible.
Join us as we explore current trends in enterprise mobility and how to get ahead of the explosion in devices that will soon hit your company.
Arbor’s 9th Annual Worldwide Infrastructure Security Report (WISR) gives IT security professionals a rare view into the most critical security challenges facing today’s networks. This annual report is designed to help you make more informed decisions about your enterprise network security strategies in 2014 and beyond. Find out what types of attacks are top of mind for enterprises today and gain insight into the growth of application layer DDoS attacks and advanced targeted attacks.
Join this web seminar to learn:
- The growth of DDoS attacks against enterprise networks and mobile devices
- How an increase in DNS attacks led to enterprise website outages
- How some of the largest network operators are handling advanced targeted attacks on a network levelJoin this web seminar to learn:
- The growth of DDoS attacks against enterprise networks and mobile devices
- How an increase in DNS attacks led to enterprise website outages
- How some of the largest network operators are handling targeted attacks on a network level
Rob Koplowitz (Forrester), Ted Schadler (Forrester), Whitney Bouck (Box)
Consumer sync and share tools help people access and send personal files, but smart IT leaders know that businesses require more than just ease-of-use. Strong security, mobile support, and deployment architecture are just a few of the many important factors to consider when evaluating vendors for a company-wide solution. Where should you start?
Join guest speakers Rob Koplowitz, VP and Principal Analyst at Forrester Research, Ted Schadler, VP and Principal Analyst at Forrester Research, and Whitney Bouck, SVP & GM of Enterprise at Box, for a complimentary webinar that will help you create a 3-step plan to select the right vendor for your business needs.
In this webinar, you'll learn:
-- The current landscape of the content sharing and collaboration market and gain insight into its future
-- Criteria that Forrester Research uses to evaluate vendors, such as mobile support, security, and deployment architecture
-- How to identify your unique requirements and create a shortlist of providers to pilot
Cliff Neve, Vice President of the Hacker Academy and MAD Security
Join Cliff Neve. Vice President of the Hacker Academy and MAD Security, to discuss some points that prove problematic when it comes to leading your team and implementing a cyber security framework. Topics discussed include:
--Gaining Executive Level Buy-In
--Balancing operations and Security
--Creating a Sense of Urgency
--Making every employee a sensor
--Winning at the Budget Game
Cliff brings a lot of experience from many different angles to this webinar. Over his military career he held such leadership positions as Deputy CIO of the White House Communications Agency, Chief of Staff at Coast Guard Cyber Command, and Assistant Program Manager for C4ISR for the $24B Coast Guard Acquisition effort.
Cybersecurity knowledge center with focus on Social Media Security
This channel is ideal for Information Security professionals interested in exploring emerging cybersecurity threats, primarily those stemming from social networking platforms.
UKI is an information technology and information security training provider and the creator of the industry’s most comprehensive Social Media Security Training and Certification program powered by CompTIA. For the past 15 years, UKI has been the preferred training partner for the Department of Defense, Federal Agencies, DOD Contracting Partners, and Fortune 500 companies. For more information, visit http://www.ultimateknowledge.com
Bait the Phishing Hook: How To Write Effective Social Engineering EmailsChris Hadnagy, Chief Human Hacker, Social-Engineer, Inc. and Christian Kirsch, Senior Product Marketing Manager, Rapid7[[ webcastStartDate * 1000 | amDateFormat: 'MMM D YYYY h:mm a' ]]46 mins
Learn more about BrightTALK's products and services.