Category Archives: Cyber Incident Response

Part 3 in a series on being “Left of Breach” in the Phishing Kill Chain. In part 2 we looked at Self-Enumeration, assessing security and business process gaps that phishing attackers exploit. It’s the first step in being “Left of Breach” (see figure below), the process that builds a proactive phishing defense strategy. The next step is designing phishing simulations. As you’ll see, the more they resemble threats your company actually faces, the better. In simulation design, you model known attacks—either against your organization or industry—utilizing Self-Enumeration and analysis of the results. Consider your potential design criteria and incorporate: Known…

The post Customized Phishing Simulations Keep You “Left of Breach” appeared first on PhishMe.

Customized Phishing Simulations Keep You “Left of Breach” was first posted on September 18, 2017 at 9:38 am.
©2017 “PhishMe Staging“. Use of this feed is for personal non-commercial use only. If you are not reading this article in your feed reader, then the site is guilty of copyright infringement. Please contact me at pmit@phishme.com
Continue reading Customized Phishing Simulations Keep You “Left of Breach”→

So, you want to improve your response to phishing threats? Smart idea. PhishMe®’s recent report on phishing response trends shows that phishing is the #1 security concern, but almost half of organizations say they’re not ready for an attack. Here’s how to get your phish together, in three basic steps. Disabuse the “abuse box.” The abuse box is the inbox where companies forward suspicious emails. Sometimes it’s managed by the helpdesk, sometimes by specialized security teams. Nearly always it’s cluttered, stuffed with everything from social media invites to legitimately dangerous malware. That’s why the abuse box usually sucks. Whoever has…

The post Phishing Incident Response: Get Started in 3 Steps appeared first on PhishMe.

Phishing Incident Response: Get Started in 3 Steps was first posted on September 15, 2017 at 2:09 pm.
©2017 “PhishMe Staging“. Use of this feed is for personal non-commercial use only. If you are not reading this article in your feed reader, then the site is guilty of copyright infringement. Please contact me at pmit@phishme.com
Continue reading Phishing Incident Response: Get Started in 3 Steps→

As the success of phishing attacks continues to broaden and gain traction in the modern news cycle, it’s important that we understand the differences in impacts based on the type of breach. While over the past year, there has been a lot of talk about the increase in and effectiveness of Ransomware in terms of financial reward and even in forcing political statements from victims, it is critical that we not forget about the designs malicious actors have on PII (Personally Identifiable Information). For example, according to Krebs on Security, the recent Equifax breach noted hackers were motivated to get…

The post Identity Crisis – The Real Cost of a PII Data Breach appeared first on PhishMe.

Identity Crisis – The Real Cost of a PII Data Breach was first posted on September 12, 2017 at 1:15 pm.
©2017 “PhishMe Staging“. Use of this feed is for personal non-commercial use only. If you are not reading this article in your feed reader, then the site is guilty of copyright infringement. Please contact me at pmit@phishme.com
Continue reading Identity Crisis – The Real Cost of a PII Data Breach→

Part 1 in our series on being “Left of Breach” in the Phishing Kill Chain. Too often in the information/cyber security industry, we focus our efforts on mitigation of breaches after they occur, relying on incident response teams to find the needles in the haystack. According to “Left of Bang: How the Marine Corps’ Combat Hunter Program Can Save Your Life,” (by Patrick Van Horne and Jason A. Riley; Foreword by Steven Pressfield) The Marine’s Combat Hunter training program works on this premise: by understanding what “normal” looks like, we are much more likely to recognize activities and behaviors that…

The post Want to Get In Front of Breaches? Be like the Marines. appeared first on PhishMe.

Want to Get In Front of Breaches? Be like the Marines. was first posted on September 5, 2017 at 10:38 am.
©2017 “PhishMe Staging“. Use of this feed is for personal non-commercial use only. If you are not reading this article in your feed reader, then the site is guilty of copyright infringement. Please contact me at pmit@phishme.com
Continue reading Want to Get In Front of Breaches? Be like the Marines.→

Last week PhishMe® released PhishMe® Free, a no-cost version of our award-winning anti-phishing solution, to protect SMBs from phishing attacks and resulting threats. A new PhishMe white paper shows the urgent need for SMBs to bolster their defenses. According to the paper, “Hacked: Small Businesses in the Crosshairs,” here are just five of the reasons hackers love to target small businesses. They’re easier prey. Phishing attackers like smaller companies because, well, they’re small. They often lack the resources to implement specialized cyber-protection like anti-phishing awareness and reporting. To wit… Only 10 percent of SMBs have a separate budget for cybersecurity.1…

The post 5 Reasons Hackers Target SMBs—and 1 Free Way to Fight Back appeared first on PhishMe.

5 Reasons Hackers Target SMBs—and 1 Free Way to Fight Back was first posted on September 1, 2017 at 10:42 am.
©2017 “PhishMe Staging“. Use of this feed is for personal non-commercial use only. If you are not reading this article in your feed reader, then the site is guilty of copyright infringement. Please contact me at pmit@phishme.com
Continue reading 5 Reasons Hackers Target SMBs—and 1 Free Way to Fight Back→