CISO, Phishing, Social Engineering and Technology

Defending Against Credential Phishing Starts by Protecting Your Users

SecureWorld News

MARCH 1, 2021

As the global pandemic continues to run rampant, CISOs are not only struggling to solve traditional cybersecurity challenges, but are faced with a new surge of pandemic themed phishing scams intended to deceive users and infiltrate organizations. How do I make my users more resilient to phishing scams?

Phishing

Phishing CISO Scams Social Engineering

NIST and No-notice: Finding the Goldilocks zone for phishing simulation difficulty

Webroot

OCTOBER 19, 2021

Earlier this year, the National Institute for Standards and Technology (NIST) published updated recommendations for phishing simulations in security awareness training programs. The thinking obviously being that letting users in on the phishing simulation game will heighten suspicion of their inbox and skew baseline results.

Phishing

Phishing Security Awareness Scams Social Engineering

Tackling Cyber Threats: Is AI Cybersecurity Our Only Hope?

Jane Frankland

MAY 8, 2024

On one hand, AI has been hailed as a game-changing technology with the potential to transform industries and improve our daily lives. As technology advances, cybercriminals are finding new ways to exploit vulnerabilities and infiltrate systems. As CISOs, and ITDMs who are responsible for cybersecurity we can do three things: 1.

Cyber threats

Cyber threats Cybersecurity Artificial Intelligence CISO

Webinars

Reimagining Cybersecurity Training: Driving Real Impact on Security Culture

MORE WEBINARS

The challenges of being a CISO during the COVID-19 pandemic

IT Security Guru

OCTOBER 14, 2021

The pre-COVID-19 CISO. The global COVID-19 pandemic has been a tumultuous time for Chief information security officers (CISOs) who on any given day have a long and complicated list of responsibilities. When employees click on the link, recipients are not immediately getting the page on their browser or in their device.

CISO

CISO Social Engineering Marketing Cyber Risk

GUEST ESSAY: 6 steps any healthcare organization can take to help mitigate inevitable cyber attacks

The Last Watchdog

FEBRUARY 21, 2022

Knowing what Information Technology (IT) hardware exists is a good place to start (servers, laptops, desktops, tablets, etc.). Many security programs focus on employee education (creating a strong password, being aware of phishing, etc.). As technology and threats evolve, so must the security organization. Educate employees.

Healthcare

Healthcare Cyber Attacks Education Social Engineering

Nurturing Our Cyber Talent

IT Security Guru

SEPTEMBER 25, 2023

The IT Security Guru caught up with Tarnveer Singh a CISO and finalist in the Security Serious Unsung Heroes Awards 2023 for his thoughts on how to get more professionals involved in the cybersecurity industry: There are many ways we can inspire new cybersecurity professionals to join our industry. We must reduce barriers to entry.

CISO

CISO Identity Theft Cybercrime Cybersecurity

Three Risk Mitigation Strategies to Address the Latest Data Security Threats

CyberSecurity Insiders

JUNE 7, 2023

By Dannie Combs , Senior Vice President and CISO, Donnelley Financial Solutions (DFIN) As security threats to data continue to ebb and flow (mostly flow!), The latest bill to address data threats is the RESTRICT Act , also known as the Restricting the Emergence of Security Threats that Risk Information and Communications Technology Act.

Risk

Risk Artificial Intelligence Technology Digital transformation

LW ROUNDTABLE: Cybersecurity takeaways of 2023 — and what’s ahead in 2024 ( part 2)

The Last Watchdog

DECEMBER 14, 2023

Or Shoshani , CEO and founder, Stream Security Shoshani As 2023 ends, we’re already seeing businesses adopting technology to diagnose and detect threats to their cloud infrastructure before they occur. Michiel Prins , Co-Founder, HackerOne Prins Ethical hackers are consistently first to pressure-test emerging technology.

Cybersecurity

Cybersecurity Risk Cyber threats CSO

Red Team vs Blue Team vs Purple Team: Differences Explained

eSecurity Planet

FEBRUARY 21, 2023

Blue team members might be led by a chief information security officer (CISO) or director of security operations, making this team the largest among the three. The red team is a smaller group compared to the blue team and it may include a few members such as ethical hackers, locksmiths, programmers, and social engineers.

Social Engineering

Social Engineering Penetration Testing Engineering Risk

VEC Attacker Uses '.cam' Domain in Scam to Garner $36M Payment

SecureWorld News

MARCH 23, 2023

Abnormal's CISO, Mike Britton, wrote about the incident in a March 22nd blog post. " Mark Parkin of Vulcan Cyber said: "Social engineering attacks like this, originating in email, have only been getting worse over the last few years. That's when you need protection that can identify malicious content from a trusted domain."

Scams

Scams Social Engineering Engineering Phishing

5 Major Cybersecurity Trends to Know for 2024

eSecurity Planet

DECEMBER 19, 2023

Government actions will increase: Expect more government regulations, state-sponsored cyberattacks, and increased documentation required to protect CISOs. AI Use Danger As with any emerging technology, many organizations should expect errors and growing pains as teams learn the nuances of applying the technology.

Cybersecurity

Cybersecurity CISO Government Technology

Inflation Is Making Cybersecurity Even More Challenging for Leaders

SecureWorld News

OCTOBER 19, 2023

Additionally, cybercriminals may be able to use inflation to their advantage, such as by sending phishing emails that appear to be from legitimate companies offering discounts or assistance. I think it requires taking a step back and assessing what you can do with less," said Chris Roberts, CISO and Senior Director at Boom Supersonic.

Cybersecurity

Cybersecurity CISO Education Phishing

Protecting your Customers and Brand in 2022: Are you doing enough?

Jane Frankland

APRIL 28, 2022

Nowadays, organisations need digital leaders such as CIOs, CISOs, and CTOs who are strategists, visionaries, and know how to manage, effectively. Digital leaders need to solve this issue fast and technology has a valuable part to play in this. This is the era of the first mover not the fast follower. billion) is expected online.

CISO

CISO Mobile Technology Risk

GUEST ESSAY: The shock waves of mental illness have begun exacerbating cybersecurity exposures

The Last Watchdog

NOVEMBER 29, 2021

Socially engineered incidents have also been on the rise. Almost all of us have seen phishing emails in our inbox at some point. A key takeaway is that the increase in cybersecurity threats is now not just a CISO’s responsibility.

Cybersecurity

Cybersecurity Social Engineering Risk Cyber Risk

Charting a Course to Zero Trust Maturity: 5 Steps to Securing User Access to Apps

Duo's Security Blog

OCTOBER 6, 2023

Threat actors have dramatically escalated their attacks – targeting security controls like multi-factor authentication (MFA), conducting wily social engineering attacks and extorting businesses large and small with ransomware. To achieve more resilience in this heightened risk environment, stepping up zero trust maturity is essential.

Authentication

Authentication Risk Social Engineering InfoSec

Best Cybersecurity Awareness Training for Employees in 2021

eSecurity Planet

JUNE 17, 2021

The current focus of most security awareness training initiatives is on phishing – and with good reason. Phishing is responsible for the bulk of breaches. Custom phishing templates and landing pages. Employee engagement to report suspected phishing. AI-driven phishing and training recommendations.

Cybersecurity

Cybersecurity Phishing Security Awareness Education

AI in Cybersecurity: How to Cut Through the Overhype and Maximize the Potential

CyberSecurity Insiders

DECEMBER 4, 2021

Of the 13 engineers who commented for this publication, none felt that the marketing associated with the products they were working on was completely accurate with respect to advertised capabilities. The paper explores those areas as well as malicious uses of ML and DL, specifically in social engineering and phishing.

Cybersecurity

Cybersecurity Artificial Intelligence Education Engineering

Remote Working One Year On: What the Future Holds for Cybersecurity

Security Boulevard

MARCH 19, 2021

In late 2020, HelpSystems research with CISOs of global financial organizations revealed that 45% of respondents reported an increase in cyber-attacks since the pandemic first emerged. Social engineering lures are a good example. This certainly applies to the volume of threats facing cybersecurity teams. Increased File Sharing.

Cybersecurity

Cybersecurity CISO Social Engineering Technology

Top Tips for Ransomware Defense

Cisco Security

JULY 14, 2021

Oftentimes, phishing and social engineering are used to steal credentials and/or get employees to click on a malicious link or attachment. No single technology or best practice alone can prevent it. However, according to Cisco’s Head of Advisory CISOs, Wendy Nather , there’s a right way and a wrong way to do this.

Ransomware

Ransomware Technology Government Phishing

New York: Cyberattack Is Twitter's Fault, Let's Increase Regulation

SecureWorld News

OCTOBER 15, 2020

It was the summer cyberattack that had social media buzzing. A group of teenagers used social engineering to breach Twitter's network and take over the accounts of a whole bunch of A-listers. As a teenager, he discovered that social engineering was a trick that worked. "I You could lose your data.'.

Social Engineering

Social Engineering Media Scams Financial Services

3 Steps to Prevent a Case of Compromised Credentials

Duo's Security Blog

MAY 23, 2023

In our previous two features, we covered the dangers of phishing (one method of credential compromise) and how to mitigate its impact on users. The answer, like most other cybersecurity-adjacent answers, lies in a combination of factors including social engineering , weak passwords, and other risky security moves or attacks.

Authentication

Authentication Passwords Data breaches Phishing

Interview with Dr. Arun Vishwanath on the Latest Cybersecurity Attacks

CyberSecurity Insiders

JUNE 3, 2021

This breach, like every major ransomware attack, was likely because of spear phishing, where someone either received the malware via an emailed attachment or clicked on a link that took them to a website that hosted it. How are social networks like Facebook, Instagram and TikTok contributing to the “people problem” of cybsersecurity?

Cybersecurity

Cybersecurity Energy and Utilities Social Engineering Phishing

Top 8 Cyber Insurance Companies for 2022

eSecurity Planet

APRIL 22, 2022

Cyberattacks are not only a technological problem for companies, but they also represent a very real financial threat. Currently, cyber insurance is experiencing a ‘hard’ market, meaning that prices are increasing and there is less capacity available,” said Erik Barnes, Senior Underwriter, Cyber & Technology at AXA XL.

Cyber Insurance

Cyber Insurance Insurance Marketing Small Business

How Your Company Can Prevent a Cyberattack

Adam Levin

AUGUST 21, 2019

Among other things, this slowness means fewer clicked links in phishing emails. By now, we should expect to be seeing puppet shows on the dangers of phishing. They may offer continuous training programs to help thwart phishing attacks and malware infections. All that aside, the best solution is free. Figure it out by Monday.

Phishing

Phishing Accountability Cybersecurity Hacking

Cybercriminals Upping the Ante on Ransomware

SecureWorld News

OCTOBER 18, 2022

Payton was joined by Abnormal Security CISO Mike Britton. Enterprises want to stay out of the news, and CISOs want to be able to answer their board when they ask if their company is at risk. Social engagement works; it's very sneaky," he said. RELATED: 5 Emotions Used in Social Engineering Attacks ].

Ransomware

Ransomware Insurance CISO Social Engineering

Grip Security Blog 2023-07-03 12:03:04

Security Boulevard

JULY 3, 2023

SaaS has numerous benefits, and companies have embraced the technology to enhance productivity and streamline business processes. The transformation of IT infrastructure moving to SaaS is happening at a rapid rate , and CISOs realize the need for robust security measures that address the unique challenges SaaS creates.

Authentication

Authentication Accountability Risk Data breaches

ROUNDTABLE: Why T-Mobile’s latest huge data breach could fuel attacks directed at mobile devices

The Last Watchdog

AUGUST 19, 2021

Could be phished credentials. Clearly, there was a failure somewhere, either human error or faulty technology or both. Sascha Fahrbach , cybersecurity evangelist, Fudo Security : Our personal data has immense value to cyber criminals; it is very likely that hackers will now weaponize this data to create advanced phishing attacks.

Mobile

Mobile Data breaches Authentication Accountability

Sunsetting legacy Cybersecurity Process for Better Optimization and Security Modernization

Security Boulevard

SEPTEMBER 19, 2022

The cost of sunsetting security products, legacy applications, and legacy technology imposes a financial strain on every organization. Before considering sunsetting technology products, most SecOps and DevOps teams focus on evaluating and updating, if possible, legacy processes, including developing a legacy-system modernization workflow.

Cybersecurity

Cybersecurity Architecture Risk Insurance

ChatGPT Security and Privacy Issues Remain in GPT-4

eSecurity Planet

APRIL 27, 2023

This can help avoid prompt injection,” said Bob Janssen, VP of Engineering and Global Head of Innovation at Delinea, a privileged access management (PAM) company. Generative technologies like GPT-4 are exciting and they can drive value. They’re also unavoidable. But there needs to be thoughtful strategies for their deployment.

Engineering

Engineering Risk CSO Social Engineering

Reducing Human Error Security Threats with a Remote Workforce

Security Boulevard

MARCH 24, 2021

In a survey of UK&I CISOs, 55% said that human error posed a risk no matter what protections are in place. Damaging employee mistakes often come in the form of clicking or downloading malicious content, interacting with phishing emails, and unauthorized use of a device or app.

Education

Education Risk Cybersecurity VPN

Annual Reports: How They Warn of Cyber Risk

SecureWorld News

OCTOBER 20, 2021

These are the very impacts we regularly hear CISOs mention on SecureWorld webcasts. But how does Accenture explain these cyber threats to its connected way of doing business around the globe? That's where the fine print comes in. Here is the entire section on cyber risk from Accenture's report. We tried breaking this into bite-sized chunks.

Cyber Risk

Cyber Risk Risk Insurance Cyber Insurance

Camera tricks: Privacy concerns raised after massive surveillance cam breach

SC Magazine

MARCH 10, 2021

Making matters worse, the cameras employ facial recognition technology, which leads to questions as to whether an attacker could actually identify individuals caught on camera and then pursue them as targets for social engineering schemes or something even more nefarious. When surveillance leads to spying.

Surveillance

Surveillance IoT Accountability Passwords

Cyber Security Awareness and Risk Management

Spinone

DECEMBER 26, 2018

Social engineering attacks , including phishing, spam, and viruses introduced via clickable links within e-mail affected 80% of the banking institutions in 2016. VoIP phishing and impersonation also victimized millions of corporate employees across the world , contributing to an even greater cyber threat.

Security Awareness

Security Awareness Risk Cyber threats Cyber Risk

The Biggest Lessons about Vulnerabilities at RSAC 2021

eSecurity Planet

MAY 28, 2021

Hackers are using the same ML and AI technology to avoid using recognized malware. While CIOs, CISOs, and purchasing managers often make a faith-based decision on software, greater accountability in software development starting below the OS can lead to more data and risk-driven decisions. Malicious Cloud Applications.

Software

Software Firmware DNS VPN

Decipher Security Podcast With ForAllSecure CEO David Brumley

ForAllSecure

APRIL 30, 2020

There's the people who are doing social engineering attacks. You need user education; you need to make sure that you recognize phishing and all that sort of stuff. Dennis Fischer: I wonder if that's a function of it being a relatively new technology, even though, honestly it's not. We don't handle that.

Software

Software IoT Manufacturing Hacking

Decipher Security Podcast With ForAllSecure CEO David Brumley

ForAllSecure

APRIL 30, 2020

There's the people who are doing social engineering attacks. You need user education; you need to make sure that you recognize phishing and all that sort of stuff. Dennis Fischer: I wonder if that's a function of it being a relatively new technology, even though, honestly it's not. We don't handle that.

Software

Software IoT Manufacturing Hacking

DECIPHER SECURITY PODCAST WITH FORALLSECURE CEO DAVID BRUMLEY

ForAllSecure

APRIL 30, 2020

There's the people who are doing social engineering attacks. You need user education; you need to make sure that you recognize phishing and all that sort of stuff. Dennis Fischer: I wonder if that's a function of it being a relatively new technology, even though, honestly it's not. We don't handle that.

Software

Software IoT Manufacturing Hacking

Defending Against Credential Phishing Starts by Protecting Your Users

NIST and No-notice: Finding the Goldilocks zone for phishing simulation difficulty

Webinars

Trending Sources

Tackling Cyber Threats: Is AI Cybersecurity Our Only Hope?

Webinars

The challenges of being a CISO during the COVID-19 pandemic

GUEST ESSAY: 6 steps any healthcare organization can take to help mitigate inevitable cyber attacks

Nurturing Our Cyber Talent

Three Risk Mitigation Strategies to Address the Latest Data Security Threats

LW ROUNDTABLE: Cybersecurity takeaways of 2023 — and what’s ahead in 2024 ( part 2)

Red Team vs Blue Team vs Purple Team: Differences Explained

VEC Attacker Uses '.cam' Domain in Scam to Garner $36M Payment

5 Major Cybersecurity Trends to Know for 2024

Inflation Is Making Cybersecurity Even More Challenging for Leaders

Protecting your Customers and Brand in 2022: Are you doing enough?

GUEST ESSAY: The shock waves of mental illness have begun exacerbating cybersecurity exposures

Charting a Course to Zero Trust Maturity: 5 Steps to Securing User Access to Apps

Best Cybersecurity Awareness Training for Employees in 2021

AI in Cybersecurity: How to Cut Through the Overhype and Maximize the Potential

Remote Working One Year On: What the Future Holds for Cybersecurity

Top Tips for Ransomware Defense

New York: Cyberattack Is Twitter's Fault, Let's Increase Regulation

3 Steps to Prevent a Case of Compromised Credentials

Interview with Dr. Arun Vishwanath on the Latest Cybersecurity Attacks

Top 8 Cyber Insurance Companies for 2022

How Your Company Can Prevent a Cyberattack

Cybercriminals Upping the Ante on Ransomware

Grip Security Blog 2023-07-03 12:03:04

ROUNDTABLE: Why T-Mobile’s latest huge data breach could fuel attacks directed at mobile devices

Sunsetting legacy Cybersecurity Process for Better Optimization and Security Modernization

ChatGPT Security and Privacy Issues Remain in GPT-4

Reducing Human Error Security Threats with a Remote Workforce

Annual Reports: How They Warn of Cyber Risk

Camera tricks: Privacy concerns raised after massive surveillance cam breach

Cyber Security Awareness and Risk Management

The Biggest Lessons about Vulnerabilities at RSAC 2021

Decipher Security Podcast With ForAllSecure CEO David Brumley

Decipher Security Podcast With ForAllSecure CEO David Brumley

DECIPHER SECURITY PODCAST WITH FORALLSECURE CEO DAVID BRUMLEY

Stay Connected