Don’t Go In the Attachment: 5 Security Reminders in Honor of Halloween

Do we really need another Halloween-themed security blog?

Yep. We do. Not because our edgiest holiday triggers more cyber threats. No, Halloween season is scary because it’s been absorbed by the winter holidays—the spendiest, cyber-riskiest time on the retail calendar, beginning in mid-September and lasting until…it ends, right?

The Phishing Kill Chain – Triage and Mitigation

Part 6 in a series on being “Left of Breach” in the Phishing Kill Chain.

In part 5 we looked at the importance of reporting and associated best practices for implementation and measuring success at both the simulation and program trending level. Now let’s shift the focus from the development of our user base as reporters to a more traditional security skill set of detection, analysis and mitigation of threats.

Don’t be so emotional. (It hurts security awareness.)

Part 1 in a weekly blog series, “How Attackers Target Trust,” running during October, National Cyber Security Awareness Month and European Cyber Security Month. 

While modern technology and pervasive media can make all things appear new, they really aren’t. As we continue the battle against advanced persistent threats, malware and fraud, it’s important to remember that confidence men and women have been at this game for a long time.

Customized Phishing Simulations Keep You “Left of Breach”

Part 3 in a series on being “Left of Breach” in the Phishing Kill Chain.

In part 2 we looked at Self-Enumeration, assessing security and business process gaps that phishing attackers exploit. It’s the first step in being “Left of Breach” (see figure below), the process that builds a proactive phishing defense strategy.