Recommended
Recommended
More Related Content
Similar to PhishThreat.pptx
Similar to PhishThreat.pptx (20)
Recently uploaded
Recently uploaded (20)
PhishThreat.pptx
- 2. The Changing Focus of Cyber Attacks Target systems, applications and networks with malicious content Target weakest link – the employees – with social engineering and deception Yesterday Today
- 3. IT Pros Report Daily Phishing Attacks 41%
- 4. Verizon 2017 Data Breach Investigations Report 4 93% Breaches include phishing Choice of statistics
- 5. 5 SophosLabs 2018 77% Spam contains a malicious attachment Choice of statistics
- 6. The threat landscape for phishing 3% 5% 15% 6% 5% 26% 32% 9% I DON’T KNOW NEVER INFREQUENTLY MONTHLY FORTNIGHTLY WEEKLY DAILY HOURLY 41% OF IT PROS REPORT AT LEAST DAILY PHISHING ATTACKS Phishing Temperature Check, Freeform Dynamics 2017 (for Sophos) Data from 330 global IT professionals 62% OF ORGANIZATIONS FAIL TO TEST USER AWARENESS 62% 6 Choice of statistics
- 7. Phishing Motives 59% Financial 41% Unauthorized Access 3% 5% 15% 6% 5% 26% 32% 9% I DON’T KNOW NEVER INFREQUENTLY MONTHLY FORTNIGHTLY WEEKLY DAILY HOURLY 41% OF IT PROS REPORT AT LEAST DAILY PHISHING ATTACKS 7 Verizon 2018 Data Breach Investigations Report Choice of statistics
- 8. Phishing Scams 8 Any attempt to bait a user into… Opening malicious attachments Clicking malicious links Supplying funds or data
- 9. 9 Cred. Harvest Malware Account Compromise Attacker Effort Attack Pay-out $2,500 Average ransomware payout $133K Median total impact 100-5000 user orgs Manufacturing firm lost £150k to fake supplier Cable giant transfered €40m to hackers account Cred. Harvest Malware Account Compromise Phishing Scams
- 10. The Solution is Sophos Phish Threat Simulated attack campaigns and training in 3 easy steps • Customizable attack templates fed by latest threat intelligence TEST 1 • Range of interactive training courses covering security and compliance topics TRAIN 2 • Campaign reporting • Security posture by organization, group or individual MEASURE 3 10
- 11. Attack Email Caught Email Training Enrollment Email Attack Landing Page Reminder Email Caught User Landing Page Training Landing Page PHISHING LINK CAMPAIGNS Lure an employee to click on a link in an email Phish Threat Campaigns ATTACHMENT CAMPAIGNS Simulate an attack involving a malicious Office attachment TRAINING CAMPAIGNS Enroll employees directly in training without simulation CREDENTIAL HARVESTING CAMPAIGNS Lure an employee into entering login credentials online Customizable content and branding
- 12. 100’s of Customizable Attack Templates Choice of 9 languages Realistic simulations powered by global threat intelligence Library of international templates from beginner to expert Multiple scenarios and difficulties Plain text business updates Australian Federal Police Amazon DVLA Canada Post New Zealand Inland Revenue Department Parcelforce Apple Growing library of international content 13
- 13. Over 60 Employee Training Modules Phishing Credential harvesting Vishing (phone phishing) Social engineering Ransomware Secure social media use Public Wi-Fi Malicious attachments Passwords & passphrases Two-factor authentication Principle of least privilege Physical security and data protection EU General Data Protection Regulation (GDPR) Gramm-Leach-Bliley Act (GLBA) Health Insurance Portability and Accountability Act (HIPAA) Payment Card Industry Data Security Standard (PCI DSS) Security Topics Compliance Topics 15 Range of video styles Interactive quiz following each course Full reporting of course completion Knowledge checks Interactive modules Gamification
- 14. Gartner Award Winning Training Partnership 16 • Ninjio awarded Gartner Customer Choice award • New episode released every month • Hollywood dramatizations of real-life incidents
- 15. Changing Behaviour from ‘Knowing’ to ‘Doing’ 18
- 16. Phish Threat Enhanced Reporting 19 Endpoint Email Web XG Firewall Dashboard Reports Campaigns PHISH THREAT
- 17. 20
- 18. 21
- 19. 22 Synchronized Security Sophos Phish Threat
- 20. Phishing Malicious URL Credential Theft Ransomware Command & Control Privilege Escalation Malicious Executable Data Exfiltration Server Attack Connected Cyber Attacks 1. Delivery and Instruction Exploit and Execution BOOM! 2. 3. $$$ 23
- 21. Phishing Malicious URL Credential Theft Ransomware Command & Control Privilege Escalation Malicious Executable Data Exfiltration Server Attack Sophos Connected Security Solutions Email Phish Threat Attack Simulations and Training Web Firewall Endpoint Server Endpoint Firewall 1. Delivery and Instruction Exploit and Execution BOOM! 2. 3. $$$ 24
- 22. 1 Malicious Email Link Clicked – Q4 CY 2018 A user clicks a risky email link, re-written by Time-of-Click URL Protection Endpoint Policy Violated - Q4 CY 2018 A user performs an action that puts the organization at risk from cyber attack Synchronized Security: Phish Threat + Email/Endpoint 2 Email: Identify at Risk Users Instantly view high-risk users in the Time-of- Click “At Risk Users” report Endpoint: Identify at Risk Users Instantly view high-risk users for Malware Downloaders, DLP and Web Policy Violators One Click Enrolment in Training Enroll high risk users directly into Phish Threat phishing simulations and security awareness training in one-click. 3 Security Heartbeat™ 25
- 23. Summary 26
- 24. #1 Single License Inclusive per user license keeps decisions simple #2 No Limits Freedom to run unlimited campaigns #3 500+ Templates Customizable attacks fed by latest threat intelligence #4 60+ Courses Range of training covering security and compliance #5 Full Reporting Measure success by organization, group or individual #6 Sophos Central One console, full cybersecurity portfolio Phish Threat Highlights 27 Making phishing simulations and security training effortless
- 25. Educating Employees Across the Globe 1,000,000 Users 28 62Countries Reduction in Employee Susceptibility 31%
- 26. Get your free anti-phishing toolkit sophos.com/phishing-toolkit Don’t take the bait 29
Editor's Notes
- For over 30 years Sophos has been delivering innovative, simple, and highly-effective cybersecurity solutions to IT professionals and the channel that serves them. And we understand that securing organisations today has a lot to do with educating employees around the cyber security threats they face Where as in the past attackers would target systems, applications, networks. Today they target often the weakest link in the organisations – Employees – with social engineering and deception
- A lot of IT Pros know about the risk from these changes – with 41% in a recent Sophos Survey reporting daily phishing attacks But they struggle to manage simulated attacks and computer based training When they do, training can often be dull and users struggle to retain the training content IT and users need simple and easily accessible solutions
- A staggering 93% of company breaches in security now due to an attack that started with a phishing email.
- 77% of all spam we receive in SophosLabs, now found to contain a malicious attachment of some kind, including Ransomware
- In a recently study carried our for Sophos by Freeform Dynamics and the Register, we found that 41% of businesses are now seeing at least daily phishing attacks.
- Here’s why helping users spot the phish is increasingly important, as a worrying 41% of IT Pros reporting at least daily phishing attacks on their organization. [CLICK] With the motive of attacks spread between 59% - having a direct financial goal – either through harvesting of credential for resale, infecting systems with ransomware, or impersonating senior managers to convince employees to transfer them funds or valuable employee data. [CLICK] and 41% of phishing attacks motivated by trying to obtain access to a company’s network to steal data, gain control of systems and so on
- So what do the attacks look like to the user and how are attackers turning these scams into big business. At a basic level, Phishing is really just an attempt to bait a user into performing and action they didn’t intend to: Whether that’s clicking a malicious link Opening and infected attachment Or, supplying sensitive personal or company data and funds. Either through credential harvesting sites or direct via email
- Depending on how sophisticated the scam is, and the resources behind it, they can have substantially different pay-outs. As you’ll see here [Click] From credential theft. Scoring attackers anything from a couple of dollars depending on the access they grant. Requiring very minimal effort from the attacker, with free kits available containing emails and web pages of real brands, and usually sent from free email addresses. [Click] To malware, such as ransomware downloaded from documents or websites. big business. Averaging $2.5k per attack, but for you the cost could run into the hundreds of thousands. A Relatively quick turnaround for attackers, with Ransomware –as-a-service websites available to create and malicious payloads for them. And Almost half of all victims pay. [Click] And, then we have highly targeted Account Compromise attacks. Netting attackers anywhere from thousands to millions in pay-out – pretty much the definition of filthy rich. These use social engineering to impersonate senior executives, or trusted suppliers. Sending urgent requests that trick employees into carrying out large wire transfers or sending over sensitive information.
- But it is where Sophos phish threat comes in. Phish Threat is all geared around helping IT teams help change user behaviour, and reduce organizational risk through regular, real-world phishing simulations, all backed up with security awareness training and reporting to improve awareness - in a few simple steps First you pick a phishing attack campaign Then pick a security training module that corresponds to that attack and enrol your users Then sit back and watch from the dashboard to monitor individual and organizational awareness to the simulated attack, and the improvement over time. So lets take a look at Phish Threat to find out more.
- A range of customizable campaigns that mirror the tactics used in real phishing attacks. Phishing link campaign – where we are trying to lure a user to click a phishing link Credential harvesting – this time where we are sending users to a fake credential harvesting website to enter username and password details (don’t worry, we don’t store any data) Attachment campaigns – where we lure a use to open an attachment that could in the real word contain a malware downloader for instance And lastly a Training-only campaign – no simulated attack this time. You create your own branded email and attach training Each campaign style is fully customizable – from attack email, to training landing pages and training reminder emails. All templates and training is available in a choice of nine languages: English French German Italian Spanish Portguese Korean Traditional Chinese Japanese
- Campaign selection We start off here are the New campaign page in Sophos Central, and after giving our campaign a name. we have 4 options for the type of campaign you’d like to build for your end users: Here you can choose between Phishing link campaigns Credential harvesting where we’ll lure users to a fake web page to enter details (don’t worry we don’t store anything) You’ve then got Attachment campaigns – trying to trick users into opening a document file And lastly, training-only campaigns. No simulated attack here. We’re sending your branded email, with your choice of training. Once we’ve chosen a campaign, simply select your preferred language from a choice of nine. And that will be applied to the email template and training module. You can even apply that language to whole Sophos Central interface if you like.
- More than 500 customisable attacks templates to choose from, all fed by the latest threat intelligence from SophosLabs, and our industry experts. And they include banks, retail brands, social media, IT services and simple plain text emails that could have been sent by a colleague. And with new templates added every week, It’s easy to find the type of email template you want. Filter by difficultly level and identify the latest content with “New” and “Featured” labels
- You have more than 500 customisable attacks templates to choose from, all fed by the latest threat intelligence from SophosLabs, and our industry experts. And they include banks, retail brands, social media, IT services and simple plain text emails that could have been sent by a colleague. And with new templates added every week, It’s easy to find the type of email template you want. First you quickly filter by difficulty level. Or look out for these handy flags First….Our Featured Templates These are the latest phishing attacks and seasonal campaigns. Helping you train users to identify real-world attacks hitting inboxes today and the seasonal campaigns they need to know about. And in the case of credential harvesting attacks you can also see the web page your users will be sent to after clicking the email And for the freshest campaigns – look for the New templates All of these have been added in the past 30 days. And every template can be fully customised later on. So let’s select our email and take a look at training
- Realistic email templates are only the start With Phish Threat, you get a Single license model to keep decisions simple - covering Unlimited campaigns – unlimited templates and all the training modules available. Each course is an average of 5mins in length – making them extremely accessible for those busy employees And they cover a range of topics shown on screen. With each course containing a detailed summary and preview option for the admin and end user. And as we switch to the end user experience you’ll see the Seamless delivery of content in action – with no need for passwords. And the user benefits from a range of training content to support all learning styles = From videos, interactive courses and gamification, each with a combined knowledge check at the end.
- And we’re now able to boast our latest training partnership with Ninjio, adding their unique award winning style of training to the mix * Not currently available in German or Italian.
- And now….lets take a quick look at the some highlights of that training in action.
- Now training is very important. But what you need to be able to measure is if that education is changing user behaviour. Are they able to spot more real attacks now, and report them?
- Well with the Outlook add-in for Phish Threat for enhanced reporting we can do just that. Allowing users to report malicious emails direct from the inbox and passing that data feed to Sophos Email, Endpoint and web security products through SophosLabs. And also surface that data in Sophos Central.
- With new Phish Threat reports that allow you to really measure training effectiveness against reports of simulated phishing attacks. To prove effectiveness of training and knowledge retention. As well as providing: At-a-glance campaign stats Measure overall risk level & improvement Measure your organizations awareness
- And combine that with how quickly users are reporting simulated phishing emails – allowing us to monitor behavior changing from knowing to doing – a really important distinction when combatting real cyber threats. And I’ll add this is one of a number of reports and dashboards providing insight in organizational, campaign and individual behavior.
- And in Q4, the integration of Phish Threat in Central is set to become even more interesting with Sophos synchronized security.
- The greatest risk from attackers is not individual campaigns, its connected attacks Using vehicles like Phishing emails to first penetrate your defences In that case computer-based training in isolation is not enough.
- That’s why Sophos are already the only vendor to offer a layered security defence, with protection at every point of the attack change – combining cyber security technology, with attack simulations and employee training in a single console – Sophos Central But that’s just the start.
- Coming very soon in Q4 2018, will launch one click enrolment of risky users from Sophos Email and Endpoint into Phish Threat. Identifying users who regularly click on links or files, or violate other security policies within these products and allow the admin to enrol them directly into targeted training. It’s a first in the market and we’re really excited to offer it in the same license.
- Phish Threat and Sophos can help you cut the risk of phishing in your business – with six major advantages: You benefit from a single per user license that all email templates, training and reporting – not tiered packages that look the good stuff away There are no Limits to the number campaigns you run per month There are over 500 customizable email attack templates – fed from, or inspired by the latest threat intelligence from Sophos Labs. And over 60 training courses - range from security to compliance topics – and we add one more every month. Full Reporting allows you to measure success by organization, group or individual – against both real and simulated emails And we are the only vendor with a single console, that allow you to build a layered defence against attacks – saving you valuable time Combined, this makes Phish Threat from Sophos unique in the market today.
- And we’ve seen huge demand for Phish Threat among partners. Launched on our US data center in February 2017, with new European datacenters launched earlier this year we’ve now grown to 1,000,000 active users! And we’re now active in 62 countries! And that simple approach to this complex issue - Existing customers able to reduce susceptibility to attacks by 31% in just four tests, you have good news to share soon to the rest of the business. (13% to 9% in four tests)
- And as we’ve seen, user education is an essential part of an effective anti-phishing strategy. So get your copy of our free anti-phishing toolkit to get fantastic resources to educate your users on the phishing threat, including: - a 2-minute video - a poster for your office - a PPT deck for training sessions - top tips to spot a phish - A phishy flow chart to identify phishing emails