Meltdown and Spectre: Prospects for Impact and Steps to Protect Yourself

The recent disclosure of the critical CPU vulnerabilities Meltdown and Spectre has rocked the information security industry because of the catastrophic consequences they have for data protection. Meltdown and Spectre exploit critical vulnerabilities present in almost all modern processors, creating the potential for sensitive data to leak while it is being processed on a computer or server. A malicious program exploiting these vulnerabilities would be able to access data stored in the memory of other running programs, such as passwords stored in a password manager or browser, personal emails or photographs, and other sensitive data. The vulnerabilities extend to personal computers, mobile devices, and the cloud, where it may be possible to steal data from other cloud customers—essentially anything using an Intel, AMD, or ARM processor.

Identify, Prioritize, and Respond to Phishing Threats Faster with PhishMe and ServiceNow

Improve the Phishing Incident Response Workflow with PhishMe Triage™ and ServiceNow® Security Operations

Security leaders are bolstering their resiliency to phishing attacks. It starts with conditioning employees to recognize and report suspicious email. Take for example “Alice,” the CISO for a Fortune 100 company. Alice’s team regularly simulates real-world phishing on employees at all levels. The program involves behavioral conditioning that requires employees to report simulated and real attacks.

Love Hurts – But Catphishing Doesn’t Have To

For the past few years we have discussed the power of emotion in phishing emails. This is never more valuable to understand than during the upcoming Valentine’s season. The traditions of gift giving to current partners and the romanticized notions of hearing from a secret admirer are so firmly ingrained in our minds that we become easy targets for scam artists.

PhishMe Named as Finalist in 2018 Stevie® Awards for Sales and Customer Service

12th annual awards will be presented on February 23 in Las Vegas

Leesburg, VA. – January 22, 2018 – PhishMe®, the leading provider of human phishing defense solutions, was named a Finalist today in the Customer Service Department of the Year category in the 12th annual Stevie® Awards for Sales & Customer Service, and will ultimately be a Gold, Silver, or Bronze Stevie Award winner in the program.

More than 2,500 nominations from organizations of all sizes and in virtually every industry were evaluated in this year’s competition. Finalists were determined by the average scores of more than 150 professionals worldwide, in seven specialized judging committees. Entries were considered in 89 categories for customer service and contact center achievements, including Contact Center of the Year, Award for Innovation in Customer Service, and Customer Service Department of the Year; 60 categories for sales and business development achievements, ranging from Senior Sales Executive of the Year to Sales Training or Business Development Executive of the Year to Sales Department of the Year; and categories to recognize new products and services and solution providers.

“We’re thrilled that our customer service department has been included among the finalists for the 2018 Stevie Awards,” said Jeffrey Rogers, VP of Client Success at PhishMe. “With cybersecurity being a top priority for organizations everywhere, this is a huge testament to the work of our team to ensure that our customers are successfully equipped with the tools and resources necessary to defend themselves against phishing attacks.”

“The 2018 judges were so impressed with the wide range of achievements detailed in the Finalist nominations,” said Michael Gallagher, president and founder of the Stevie Awards. “We look forward to announcing the Gold, Silver and Bronze Stevie placements in Las Vegas next month.”

Details about the Stevie Awards for Sales & Customer Service and the list of Finalists in all categories are available at www.StevieAwards.com/Sales.

For more about PhishMe, visit: https://phishme.com/.

About PhishMe

PhishMe is the leading provider of human-focused phishing defense solutions for organizations concerned about their susceptibility to today’s top attack vector — spear phishing. PhishMe’s intelligence-driven platform turns employees into an active line of defense by enabling them to identify, report and mitigate spear phishing, malware and drive-by threats. Our open approach ensures that PhishMe integrates easily into the security technology stack, demonstrating measurable results to help inform an organization’s security decision-making process. PhishMe’s customers include the defense industrial base, energy, financial services, healthcare and manufacturing industries, as well as other Global 1000 entities that understand how changing user security behavior will improve security, aid incident response and reduce the risk of compromise.

About The Stevie Awards

Stevie Awards are conferred in seven programs: the Asia-Pacific Stevie Awards, the German Stevie Awards, The American Business Awards, The International Business Awards, the Stevie Awards for Great Employers, the Stevie Awards for Women in Business and the Stevie Awards for Sales & Customer Service. Stevie Awards competitions receive more than 10,000 entries each year from organizations in more than 60 nations. Honoring organizations of all types and sizes and the people behind them, the Stevies recognize outstanding performances in the workplace worldwide. Learn more about the Stevie Awards at http://www.StevieAwards.com.

Sponsors and supporters of the 12th annual Stevie Awards for Sales & Customer Service include HCL Financial Services, Sales Partnerships, Inc. and ValueSelling Associates, Inc.

Refocus Your Anti-Phishing From Vulnerability To Capability.

In our 2017 Enterprise Phishing Resiliency and Defense Report, PhishMe® discusses the importance of moving past susceptibility as a key indicator of anti-phishing program success. We want to shift the conversation from vulnerability (susceptibility) to capability (resiliency).

That is, what are an organization’s current anti-phishing capabilities—and how is positive behavior increasing them over time to build resiliency?

The chart below tracks behavior among our clients’ users during phishing simulations. In it, resiliency equals users that “reported only” divided by “all that fell susceptible.” (The latter includes those that reported after falling for simulated phishes.)

Figure 1 – Three-year Resiliency Trend across PhishMe Clients

As you can see, PhishMe clients using PhishMe Reporter® show consistent gains in the capability to recognize and report phishing simulations. In other words, they are becoming more resilient to attack.

Using our formula…

Resilience = Users that Reported Only / All Susceptible

…we can determine the current level of resilience for any specific phishing simulation or known active threat model. It’s a snapshot of the capability to recognize and report.

To see how this capability changes over time, let’s look at a chart that measures all the ways users behave in simulations.

Figure 2 – Behavior Analysis Chart

While the ideal outcome would be for all tested users to report only, that’s unlikely to happen. But, we can track two other key percentages shown above:

  1. Responded to Simulated Phish – Did Not Report
  2. Responded to Simulated Phish – Reported

Because the change you want to see is the reporting of suspicious emails, you expect to see a steady increase in “reported only” or “responded and reported.” Thus, if you were to run the simulation above again to the same user base, you would want an increase in the 43.63% of “reported only” and the 2.25% of “responded and reported.” You would also want a decline in the 14.23% of users that did not report.

This shows how the real goal of anti-phishing programs goes beyond finding vulnerabilities. The longer-term goal is to fortify capability—to build resiliency. Simply put, you want every user that interacts with a simulation to report it.

To learn more about successful anti-phishing programs, be sure to download the 2017 Enterprise Phishing Resiliency and Defense Report.

PhishMe Clients Are Reporting Ransomware Emails. Are You?

With the steady rise in ransomware attacks and success, it’s highly likely that related phishing variants will continue to permeate the landscape in 2018.

While this is not a new threat, it’s one that you want to be truly prepared to face. With that in mind, we looked back into our 2017 data and what we found is good news for those clients running active threat ransomware simulations in their environment.

Across 246 simulations and more than 712k emails, the aggregate resiliency score was 2.63. This means that for every susceptible user, there were more than 2 that reported the threat in our simulations.


What this ultimately shows us is that clients can develop recognition and reporting capabilities for these types of attacks when active threat templates are used in immersive simulations. Further, it indicates that these organizations are better prepared to mitigate this threat should it materialize in their environments.

As we have discussed in past blogs, these results highlight the importance of understanding what your organization is seeing in terms of real attacks, and of focusing anti-phishing programs on those threats to mitigate the risk of breach.

This represents a fundamental shift in how we think about getting ahead of hackers, APTs and other malicious actors. In the past, the conversation has always been about how fast we identify a breach after the fact.

Now, it’s about utilizing “crowd sourcing” as a strategy to catch hackers in the act.

At PhishMe®, we do this by ensuring our anti-phishing programs include spear-phishing simulations that target high value, at-risk users with scenarios that mimic real world attacks. Each immersive simulation includes reporting instructions for those that fall susceptible and conditions users to do their part for organizational security.

How to Pay It Forward

Utilize multiple intelligence sources to identify exactly who is being targeted by what type of phish and mimic those attacks on a broader scale to drive recognition and reporting of specific threats.

  1. Work with your intel and incident response teams to identify active phishing attacks against your organization.
  2. Model simulations based on those identified threats.
  3. Stress the importance of reporting for all users that recognize a phish (even in the event of susceptibility).
  4. Repeat low resiliency simulations to improve performance and increase organizational capabilities.

Take Action

As the data in this blog shows, we can prepare an organization’s users to resist active threats.

The key is developing the ability to act on what is being reported. In other words, until we analyze reports of suspected phishing attacks we are only collecting intelligence data.

It’s time to take that data and make it actionable.

Current PhishMe Triage™ Managed Services data shows us that 10% of reported (suspected) phish are, in fact, malicious. This means that 10 out of every 100 suspected phish that made it past your perimeter defense have the potential to cause a breach.

It’s through analysis of those reports and mitigation of validated threats that we pay ourselves (by reducing value at risk) and avoid paying ransoms to malicious actors. The companies in our data set above are prepared to do just that.

Are you?

To learn more about becoming more resilient to phishing, download the 2017 Enterprise Phishing Resiliency and Defense Report.

PhishMe Simulator is Selected as a SC Media 2018 Professional Award Finalist for Best IT Security-related Training Program

Leading provider of human phishing defense solutions recognized as an SC Media award finalist for third consecutive year

Leesburg, VA. – January 18, 2018 – PhishMe®, the leading provider of human phishing defense solutions, today announced that it has been named a finalist in the 2018 SC Awards for exemplary professional leadership in cybersecurity.

PhishMe Simulator® is recognized as a finalist in Best IT Security-related Training Program in the Professional Award category of the SC Awards. Winners will be announced at the SC Awards ceremony on April 17, 2018 in San Francisco.

“In an age where threats are ever-evolving, it is reassuring to know that one true constant is the commitment of dedicated information security professionals, as best exemplified by our SC Media Awards finalists,” said Illena Armstrong, VP, editorial, SC Media. “These inspiring innovators have set a high bar for their industry peers, as they continue to protect the world from attacks and vulnerabilities that imperil our security, privacy, and digital infrastructure. The year 2017 brought us WannaCry ransomware infections, the rise of cryptominers, and bugs like Broadpwn and BlueBorne that affected billions of devices. Whatever threats rear their ugly heads in 2018 and beyond, our finalists will be ready to act.”

SC Awards is recognized as the industry gold standard of accomplishment for cybersecurity professionals, products and services. Winners in the Professional Award category are selected by an expert panel of judges and represent the most talented cybersecurity professionals from end-user companies. Judges conducted in-depth analysis and considered many factors – such as applicable research, analyst reports and/or product reviews – to narrow down the field of hundreds of submissions to just the top finalists.

“We are honored to be recognized as a finalist in the 2018 SC Awards for the third consecutive year,” said Rohyt Belani, CEO and Co-Founder, PhishMe. “Phishing is still regarded as one of today’s top cyber threats – and resilient employees who proactively report phishing emails are the best defense to combat threats that have bypassed traditional security layers. We are dedicated to continually supporting our customers’ phishing defense program needs with strong content based on real-life attacks. With PhishMe Simulator, organizations worldwide are empowering employees to be an additional layer of defense against today’s top threats.”

“Protecting sensitive information and private data from ambitious cyber attackers can be a great challenge,” added Armstrong of SC Media. “PhishMe has been named a finalist for the SC Award Professional Award for raising the bar within the industry and successfully meeting this challenge.”

For more about PhishMe, visit: https://phishme.com/.

About SC Media

SC Media is cybersecurity. For over 25 years, they have armed information security professionals with in-depth and unbiased information through timely news, comprehensive analysis, cutting-edge features, contributions from thought leaders, and independent product reviews in partnership with and for top-level information security executives and their technical teams.

In addition to their comprehensive website, SC Media offers magazines, eBooks, and newsletters. They also host digital and live events such as SC Awards and RiskSec NY to provide cybersecurity professionals all the information needed to safeguard their organizations and contribute to their longevity and success.

Friend us on Facebook: http://www.facebook.com/SCMag

Follow us on Twitter: http://twitter.com/scmagazine

Event Information:

Anna Naumoski, Events Manager

anna.naumoski@haymarketmedia.com

646.638.6015


Media Contact for PhishMe

Nick Lagalante

Global Corporate Communications, PhishMe

media@phishme.com

571-393-2403

South Africa At Higher Risk Of Data Breaches, Says Phishing Trend Report

JOHANNESBURG – January 15, 2018 – The recent release by PhishMe®, the leading provider of human phishing defence solutions, of its South Africa Phishing Response Trends Report shows some startling findings in terms of security incidents stemming from deceptive e-mails. According to the report, some 90 percent of respondents have dealt with security incidents originating from deceptive e-mails, and yet more than half of the respondents do not possess the right tools and processes to effectively mitigate such threats.

PhishMe’s South Africa Phishing Response Trends Report looked at the phishing response strategies of IT security decision-makers across a variety of industries in the South African region. The report highlights that despite technology investments, local organisations are being flooded with suspicious e-mails targeting employees, noting that 80 percent of respondents had confirmed using anti-malware solutions, with 70 percent of respondents using computer based training to protect against phishing attacks. Nonetheless, with scattered technology, processes and limited resources, the majority of respondents still feel ill prepared to adequately respond to such threats.

Additionally, according to the Ponemon Institute, South African organisations are more exposed to data breach incidents than their counterparts across the globe, having scored the highest probability of experiencing a data breach in the next 24 months[1]. In line with phishing response trends emerging from the US and the UK markets, South African businesses claimed to be more unprepared to combat phishing attacks despite having dealt with more e-mail-related incidents. The report notes that in 2016, cybercriminals launched a digital offensive in South Africa, with attacks employing phishing and spear phishing tactics. According to Trend Micro, more than 6,000 local PCs were infected with banking malware.

Key findings from the survey include:

  • 90 percent have dealt with security incidents originating with a deceptive e-mail.
  • More than 60 percent have faced an e-mail threat more than once.
  • Nearly 20 percent of respondents see more than 500 suspicious e-mails weekly.
  • Nearly all respondents already have one security layer in place, with many respondents having more than four security layers in place.
  • E-mail-related threats are South Africa’s biggest security concern.
  • Over 50 percent of respondents highlighted that technology alone isn’t the answer to phishing.
  • 95 percent of surveyed IT professionals plan to upgrade their phishing response and prevention.

“With the average cost of a data breach surpassing the two and a half million US dollar mark, it has become mandatory for South African organisations to rethink the way e-mail-based threats are handled internally,” said Rohyt Belani, CEO and co-founder at PhishMe. “As we have seen in other parts of the world, relying on technology alone is insufficient to defend against today’s top threats, calling for a different approach based on automated phishing incident response powered by human intelligence.”

Anton Jacobsz, managing director at value-added distributor Networks Unlimited, which distributes PhishMe solutions throughout Africa, concludes, “The best form of defence against phishing is the education of your employees as the final protection layer in a holistic defence strategy, acknowledging that technology exists for, and is used by, people, who must therefore be included in the defence chain. This strategy underscores the need today for a completely holistic approach to cybersecurity, which works across a number of different platforms and does not rely only on IT support and technology applications.”

The full report is available for download here: https://phishme.com/phishing-response-trends-south-africa/

To learn more about PhishMe’s phishing incident solutions, please visit: www.phishme.com

Survey Methodology

This study was commissioned by PhishMe and delivered by Censuswide, an international market survey consultant. Censuswide surveyed one hundred select IT professionals, largely senior decision-makers, on phishing response strategies. The sample represented firms belonging to a variety of industries including business services, high tech, manufacturing, healthcare, financial, retail and wholesale trades, transportation, consumer services and telecommunications. All participants joined voluntarily and no telemarketing techniques were implemented.

About PhishMe

PhishMe is the leading provider of human-focused phishing defence solutions for organisations concerned about their susceptibility to today’s top attack vector — spear phishing. PhishMe’s intelligence-driven platform turns employees into an active line of defence by enabling them to identify, report, and mitigate spear phishing, malware, and drive-by threats. Our open approach ensures that PhishMe integrates easily into the security technology stack, demonstrating measurable results to help inform an organisation’s security decision making process. PhishMe’s customers include the defence industrial base, energy, financial services, healthcare, and manufacturing industries, as well as other Global 1000 entities that understand how changing user security behaviour will improve security, aid incident response, and reduce the risk of compromise.

Media Contact for PhishMe

Nick Lagalante
Global Corporate Communications, PhishMe
media@phishme.com
P: +1-571-393-2403

About Networks Unlimited

Networks Unlimited is a value-added distributor, offering the best and latest solutions within the converged technology, data centre, networking, and security landscapes. The company distributes best-of-breed products, including Arbor Networks, Attivo Networks, Fortinet, F5, HyperGrid, Mellanox, NETSCOUT, ProLabs, PhishMe, Rackmount, RSA, Rubrik, SevOne, Silver Peak, Thales, Tintri and Uplogix. The product portfolio provides solutions from the edge to the data centre, and addresses key areas such as cloud networking and integration, WAN optimisation, application performance management, application delivery networking, Wi-Fi-, mobile- and networking security, load balancing, data centre in-a-box, and storage for virtual machines.

Since its formation in 1994, Networks Unlimited has continually adapted to today’s progressively competitive and evolving marketplace, and has reaped the benefits by being a leading value-added distributor (VAD) within the Sub-Saharan Africa market.

Networks Unlimited complies with the South African Broad-Based Black Economic Empowerment (B-BBEE) guidelines as a Level 4 Contributor.

Contacts for Networks Unlimited

Networks Unlimited, Ingrid Mulaudzi, +27 (0) 11 202 8400, ingrid.mulaudzi@nu.co.za
icomm, Vivienne Fouché, +27 (0) 82 602 1635, vivienne@pr.co.za, www.icomm-pr.co.za

[1] Source: Ponemon Institute’s 2017 Cost of Data Breach Study: Global Overview (https://www-01.ibm.com/common/ssi/cgi-bin/ssialias?htmlfid=SEL03130WWEN)