SlideShare a Scribd company logo

PHISHING PROTECTION

S
Sylvain Martinez

Looking at the different components an organisation should consider to fight Phishing attacks and build a successful Phishing protection program

Technology
1 of 30
Download to read offline
CYBER SECURITY PHISHING PROTECTION HOW TO START A PROGRAM VERSION: 1.5 DATE: 26/06/2019 AUTHOR: SYLVAIN MARTINEZ REFERENCE: ESC17-MUSCL CLASSIFICATION: PUBLIC
2 • Presentation goal; • Phishing Statistics; • Incident cost; • Phishing protection benefits; • Phishing definition; • Spear Phishing definition; • Phishing email – From the outside; • Phishing email – From the inside; • Phishing Website – From the outside; • Phishing Website – From the inside; • Phishing protection program overview; • Training overview; • Training – Awareness campaign; • Training – Guidelines; • Testing overview; • Testing – URLS; • Testing – Attachments; • Testing – Phishing simulation planning; • Detection overview; • Detecting – Manual detection; • Detecting – Automated detection; • Protecting overview; • Protecting – Warn; • Protecting – Block; CONTENTS PUBLIC CONCLUSIONDEFENCESAWARENESSPROGRAMCONTEXT • Key Take Away; • Get Started; • Extra Resources.
PRESENTATION GOAL 3 LEARN HOW TO START AN ANTI-PHISHING PROGRAM 3 LEARN ABOUT DIFFERENT TYPE OF PHISHING PROTECTIONS 2 LEARN ABOUT DIFFERENT TYPE OF PHISHING ATTACKS 1 TO LEARN ABOUT PHISHING PROTECTION SOLUTIONS CONCLUSIONDEFENSESAWARENESSPROGRAMCONTEXT Icons: from The Noun Project unless stated otherwisePUBLIC
PHISHING STATISTICS 4Source: hostingtribunal.com - June 2019PUBLIC CONCLUSIONDEFENSESAWARENESSPROGRAMCONTEXT ALL EMAILS 45% ARE SPAM SPAM 14.5 BILLION EVERY DAY GROWTH 65% PHISHING IN 2018 MALWARE 92% EMAIL DELIVERED PHISHING EMAIL 16 MONTHLY PER USER PHISHING OPEN 30% BY TARGETED USERS PHISHING CLICK 12% BY TARGETED USERS PHISHING SITES 1.5 MILLION NEW EVERY MONTH
INCIDENT COST 5 ELYSIUMSECURITY INVESTIGATIONS MAURITIUS JANUARY 2018 – JUNE 2019 80% FINANCIAL FRAUD 20% RANSOMWARE 100% PHISHING JAN 2018 MAY 2018 AUG 2018 APR 2019 MAY 2019 JUNE 2019 $0.5M $1M $2M $0.5M $1M $0.5M AVERAGE COST PER DATA BREACH AVERAGE COST PER PHISHING ATTACK DATA BREACHES FROM PHISHING ATTACKS AVERAGE DETECTION TIME $3.86M $1.6M 95% 197 DAYS WORLDWIDE WORLDWIDE STATS FROM SAFEATLAST.CO AND RETRUSTER.COM – JUNE 2019PUBLIC CONCLUSIONDEFENSESAWARENESSPROGRAMCONTEXT
PHISHING PROTECTION BENEFITS 6PUBLIC CONCLUSIONDEFENSESAWARENESSPROGRAMCONTEXT IMPROVED SECURITY REDUCED PHISHING COSTIMPROVED AWARENESS KNOW PHISHING RISKS BETTER PHISHING DETECTION FOLLOW BEST PRACTISE STAFF BETTER PROTECTED BETTER EMAIL PROTECTION INCREASED ATTACK VISIBILITY LOWER PHISHING SUCCESS RATE LIMITED PHISHING IMPACT COST REDUCED/AVOID FINES
PHISHING DEFINITION 7PUBLIC CONCLUSIONDEFENSESAWARENESSPROGRAMCONTEXT PHISHING IS A TYPE OF SOCIAL ENGINEERING ATTACK USED TO STEAL SENSITIVE INFORMATION SUCH AS PASSWORDS OR FINANCIAL DETAILS ATTACKERS PRETEND TO BE A TRUSTED ENTITY TO PUSH VICTIMS INTO OPENING FRAUDULENT LINKS OR ATTACHMENTS. THIS IS A GENERIC ATTACK USING COMMON MESSAGES THAT MAY BE RELEVANT TO THE VICTIMS CONTRIBUTING TO THEIR FALSE SENSE OF TRUST
SPEAR PHISHING DEFINITION 8PUBLIC CONCLUSIONDEFENSESAWARENESSPROGRAMCONTEXT SPEAR PHISHING IS AN ADVANCED TYPE OF SOCIAL ENGINEERING ATTACK USED TO STEAL SENSITIVE INFORMATION SUCH AS PASSWORDS OR FINANCIAL DETAILS ATTACKERS PRETEND TO BE A TRUSTED ENTITY TO PUSH VICTIMS INTO OPENING FRAUDULENT LINKS OR ATTACHMENTS THIS IS A VERY FOCUSED ATTACK USING SPECIFIC MESSAGES WITH PERSONAL AND RELEVANT INFORMATION TO THE VICTIMS INCREASING THEIR FALSE SENSE OF TRUST
PHISHING EMAIL - FROM THE OUTSIDE 9PUBLIC CONCLUSIONDEFENSESAWARENESSPROGRAMCONTEXT LOOKS AND SOUNDS LEGETIMATE
PHISHING EMAIL - FROM THE INSIDE 10PUBLIC CONCLUSIONDEFENSESAWARENESSPROGRAMCONTEXT WARNING SIGNS IF YOU KNOW WHERE TO LOOK!
PHISHING WEBSITE - FROM THE OUTSIDE 11PUBLIC CONCLUSIONDEFENSESAWARENESSPROGRAMCONTEXT
PHISHING WEBSITE- FROM THE INSIDE 12PUBLIC CONCLUSIONDEFENSESAWARENESSPROGRAMCONTEXT YOUR CREDENTIALS ARE INTERCEPTED AND SENT… TO THE WRONG PLACE / PERSON!
PHISHING PROTECTION PROGRAM OVERVIEW 13PUBLIC CONCLUSIONDEFENSESAWARENESSPROGRAMCONTEXT CAMPAIGN #1 PHISHING MOST COMMONALL STAFF GENERIC INEXPENSIVE AUTOMATED SIMPLE ATTACK CAMPAIGN #2 SPEAR PHISHING LEAST COMMONKEY STAFF TARGET TAILORED EXPENSIVE MANUAL COMPLEX ATTACK TRAINING GUIDELINES AWARENESS CAMPAIGN TESTING OPEN ATTACHMENT CLICK URL DETECTING AUTOMATEDMANUAL PROTECTING BLOCKWARN {elysiumsecurity} PHISHING PROTECTION PROGRAM
TRAINING OVERVIEW 14PUBLIC CONCLUSIONDEFENSESAWARENESSPROGRAMCONTEXT TRAINING GUIDELINES AWARENESS CAMPAIGN SOME PHISHING WILL ALWAYS GO THROUGH CYBER DEFENCES1 USER AWARENESS IS YOUR FIRST DEFENCE AGAINST PHISHING2 TRAIN YOUR USERS TO UNDERSTAND PHISHING RISKS AND LOOKS3
TRAINING - AWARENESS CAMPAIGN 15PUBLIC CONCLUSIONDEFENSESAWARENESSPROGRAMCONTEXT RELEVANT TO YOUR CORPORATE RISK PROFILE 1 COORDINATED WITH CORPORATE COMMUNICATION 2 LINKED TO WIDER CYBER SECURITY AWARENESS 3 MIX OF IN PERSON AND DIGITAL DELIVERY 4 SET AND REVIEW KEY PERFORMANCE INDICATORS 7 REGULAR AND REPEATED 6 USE OF RELATABLE EXAMPLES 5 RESULTS FEEDBACK CAN BE A TRAINING TOOL 8 CHEAT SHEET 10 POSTER 9
TRAINING - GUIDELINES 16PUBLIC CONCLUSIONDEFENSESAWARENESSPROGRAMCONTEXT DO THINK BEFORE YOU CLICK 1 DO CHECK EMAIL PROVENANCE 2 DO CHECK EMAIL CONTEXT 3 DO BE CAREFUL OF DISAPEARING EMAILS 4 DO NOT IGNORE SECURITY WARNINGS 7 DO NOT USE WORK EMAIL FOR PERSONAL PURPOSE 6 DO REPORT SUSPICIOUS EMAILS 5 DO NOT OPEN UNEXPECTED ATTACHMENT 8 DO NOT ENTER PASSWORDS FROM URL IN EMAILS 10 DO NOT CLICK UNEXPECTED URL 9 DO DO NOT
TESTING OPEN ATTACHMENT CLICK URL TESTING OVERVIEW 17PUBLIC CONCLUSIONDEFENSESAWARENESSPROGRAMCONTEXT VALIDATE AWARENESS CAMPAIGN EFFICIENCY1 IDENTIFY MOST VULNERABLE USERS2 USE PHISHING SIMULATION TOOLS3
TESTING - URLS 18PUBLIC CONCLUSIONDEFENSESAWARENESSPROGRAMCONTEXT GENERIC EMAIL CONTEXT1 SPECIFIC EMAIL CONTEXT6 REDIRECT TO GENERIC MESSAGE4 OBVIOUS SUSPICIOUS URL2 ONLY SIMULATE CLICK BAIT3 RECORD VICTIM DETAILS5 DIFFICULT TO SPOT URL7 RECORD VICTIM DETAILS AND STATISTICS10 SIMULATE PORTAL CREDENTIAL STEALTH8 REDIRECT TO AWARENESS CAMPAIGN9 START FINISH
TESTING - ATTACHMENTS 19PUBLIC CONCLUSIONDEFENSESAWARENESSPROGRAMCONTEXT GENERIC EMAIL CONTEXT1 SPECIFIC EMAIL CONTEXT6 REDIRECT TO GENERIC MESSAGE4 OBVIOUS SUSPICIOUS ATTACHMENT2 ONLY SIMULATE CLICK BAIT3 RECORD VICTIM DETAILS5 DIFFICULT TO SPOT ATTACHMENT7 RECORD VICTIM DETAILS AND STATISTICS10 SIMULATE MALWARE INSTALLATION8 REDIRECT TO AWARENESS CAMPAIGN9 START FINISH
TESTING – PHISHING SIMULATION PLANNING 20PUBLIC CONCLUSIONDEFENSESAWARENESSPROGRAMCONTEXT LIST TARGETED USERS (ALL / FEW) 1 EMAIL SCOPE (SAME VERSION FOR ALL?) 2 CLEAR GOALS AND TIMELINE 3 VICTIM MESSAGE READY 4 ANALYSE RESULTS AND ADAPT 7 ESTABLISH BASELINE (GENERIC ATTACK) 6 INFORM STAFF PRIOR STARTING 5 REFINE TEMPLATES 8 SPEAR PHISHING TEST WHEN MATURE ENOUGH 10 BEWARE OF GDPR/DPA WHEN USING 3rd PARTY 9
DETECTING AUTOMATEDMANUAL DETECTING OVERVIEW 21PUBLIC MONITOR EMAIL SECURITY1 ENABLE AND ENHANCE PHISHING VISIBILITY2 FACILITATE PHISHING INCIDENT RESPONSE3 CONCLUSIONDEFENSESAWARENESSPROGRAMCONTEXT
DETECTING - MANUAL DETECTION 22PUBLIC REVIEW LOGS FOR SUSPICIOUS EMAIL LOGINS 1 REVIEW LOGS FOR SUSPICIOUS EMAIL ACTIVITIES 2 REVIEW NETWORK SECURITY ALERTS 3 REVIEW SYSTEM SECURITY ALERTS 4 ENABLE A SIMPLE PHISHING REPORTING MECHANISM 5 CONCLUSIONDEFENSESAWARENESSPROGRAMCONTEXT
DETECTING - AUTOMATED DETECTION 23PUBLIC ENABLE ANTI PHISHING FILTERS 1 CONFIGURE AND TUNE ANTI PHISHING FILTERS 2 SUBSCRIBE TO BLACKLIST SERVICES 3 BASELINE EMAIL ACTIVITIES AND ORIGIN 4 IMPOSSIBLE LOGIN DETECTION SETUP 5 CONCLUSIONDEFENSESAWARENESSPROGRAMCONTEXT
PROTECTING BLOCKWARN PROTECTING OVERVIEW 24PUBLIC CONCLUSIONDEFENSESAWARENESSPROGRAMCONTEXT REDUCE PHISHING RELATED INCIDENT1 ALERT USER OF POTENTIAL PHISHING ATTACKS2 BLOCK IDENTIFIED PHISHING ATTACKS3
PROTECTING - WARN 25PUBLIC CONCLUSIONDEFENSESAWARENESSPROGRAMCONTEXT IDENTIFY AND VISUALLY LABEL EXTERNAL EMAILS 1 IDENTIFY AND VISUALLY LABEL POTENTIAL IMPERSONATION 2 MOVE SUSPICIOUS EMAILS TO QUARANTINE/SPAM FOLDER 3 WARN USERS OF SUSPICIOUS EMAIL LOGIN ACTIVITIES 4 WARN EMAIL ADMIN OF EMAIL RULES CREATION 5
PROTECTING - BLOCK 26PUBLIC CONCLUSIONDEFENSESAWARENESSPROGRAMCONTEXT BLOCK REPORTED EMAIL ADDRESSES 1 BLOCK REPORTED WEBSITES, DOMAINS AND IP 2 BLOCK IDENTIFIED BAD URL AND ATTACHMENT 3 PROACTIVELY BLOCK SIMILAR DOMAIN 4 PROACTIVELY REGISTER SIMILAR DOMAIN 5
KEY TAKE AWAY 27 PHISHING IS THE MOST COMMON ATTACK VECTOR TODAY 1 BE AWARE OF PHISHING VERSUS SPEAR PHISHING 2 AWARENESS IS KEY3 IMPORTANCE OF PHISHING PROTECTION4 IMPORTANCE OF EMAIL ACCESS PROTECTION5 PUBLIC CONCLUSIONDEFENSESAWARENESSPROGRAMCONTEXT
GET STARTED 28 STAY INFORMED OF PHISHING CAMPAIGNS1 REMIND STAFF OF PHISHING RISKS2 USE SECURE EMAIL PROVIDER3 ENFORCE EMAIL PROTECTIONS4 DEFINE AND IMPLEMENT A PHISHING PROTECTION PROGRAM 5 PUBLIC CONCLUSIONDEFENSESAWARENESSPROGRAMCONTEXT
EXTRA RESOURCES 29 CONCLUSIONCASE STUDYHANDLINGSTRUCTURECONTEXT TRAINING PUBLIC AVERAGE COST $10 / YEAR / USER / NO CUSTOMISATION GARTNER COMPARE DIFFERENT OFFERINGS https://www.gartner.com/reviews/market/security-awareness-computer-based-training/ SIMULATOR AVERAGE COST FREE - $10 / YEAR / USER PHISHING READINESS THIS IS A PRODUCT BY SYMANTEC https://www.symantec.com/products/phishing-readiness KNOWBE4 THIS IS A COMPANY BY KEVIN MITNICK https://www.knowbe4.com/ MICROSOFT ATTACK SIMULATOR – ATP PLAN 2 https://docs.microsoft.com/en-us/office365/securitycompliance/attack-simulator GOPHISH OPENSOURCE AND PROFESSIONAL VERSIONS https://getgophish.com/ TREND MICRO FREE AND PAID SUBSCRIPTION https://cofense.com/simulator-small-business-edition COFENSE BOUGHT MARKET LEADER CALLED PHISHME.COM https://cofense.com/simulator-small-business-edition CYBERAWARE FREE RESOURCES https://free.thesecurityawarenesscompany.com/downloads/category/videos/ SANS CAN BE EXPAMSIVE BUT ALSO HAS FREE RESOURCES https://www.sans.org/security-awareness-training ESET CLAIMS TO BE FREE BUT MAY HAVE SOME HIDDEN COST https://www.eset.com/us/cybertraining/ TREND MICRO ALSO OFFERS WIDER CYBER SECURITY TRAINING https://phishinsight.trendmicro.com/en/training MIMECAST ALSO OFFERS WIDER CYBER SECURITY TRAINING https://www.mimecast.com/content/phishing-awareness
© 2015-2019 ELYSIUMSECURITY LTD ALL RIGHTS RESERVED HTTPS://WWW.ELYSIUMSECURITY.COM CONSULTING@ELYSIUMSECURITY.COM ABOUT ELYSIUMSECURITY LTD. ELYSIUMSECURITY PROVIDES PRACTICAL EXPERTISE TO IDENTIFY VULNERABILITIES, ASSESS THEIR RISKS AND IMPACT, REMEDIATE THOSE RISKS, PREPARE AND RESPOND TO INCIDENTS AS WELL AS RAISE SECURITY AWARENESS THROUGH AN ORGANIZATION. ELYSIUMSECURITY PROVIDES HIGH LEVEL EXPERTISE GATHERED THROUGH YEARS OF BEST PRACTICES EXPERIENCE IN LARGE INTERNATIONAL COMPANIES ALLOWING US TO PROVIDE ADVICE BEST SUITED TO YOUR BUSINESS OPERATIONAL MODEL AND PRIORITIES. ELYSIUMSECURITY PROVIDES A PORTFOLIO OF STRATEGIC AND TACTICAL SERVICES TO HELP COMPANIES PROTECT AND RESPOND AGAINST CYBER SECURITY THREATS. WE DIFFERENTIATE OURSELVES BY OFFERING DISCREET, TAILORED AND SPECIALIZED ENGAGEMENTS. ELYSIUMSECURITY OPERATES IN MAURITIUS AND IN EUROPE, A BOUTIQUE STYLE APPROACH MEANS WE CAN EASILY ADAPT TO YOUR BUSINESS OPERATIONAL MODEL AND REQUIREMENTS TO PROVIDE A PERSONALIZED SERVICE THAT FITS YOUR WORKING ENVIRONMENT.

Recommended

From OSINT to Phishing presentation
From OSINT to Phishing presentationFrom OSINT to Phishing presentation
From OSINT to Phishing presentationJesse Ratcliffe, OSCP
 
Hyphenet Security Awareness Training
Hyphenet Security Awareness TrainingHyphenet Security Awareness Training
Hyphenet Security Awareness TrainingJen Ruhman
 
CYBER SECURITY
CYBER SECURITYCYBER SECURITY
CYBER SECURITYMohammad Shakirul islam
 
Overview of the Cyber Kill Chain [TM]
Overview of the Cyber Kill Chain [TM]Overview of the Cyber Kill Chain [TM]
Overview of the Cyber Kill Chain [TM]David Sweigert
 
Application Security | Application Security Tutorial | Cyber Security Certifi...
Application Security | Application Security Tutorial | Cyber Security Certifi...Application Security | Application Security Tutorial | Cyber Security Certifi...
Application Security | Application Security Tutorial | Cyber Security Certifi...Edureka!
 
Osint presentation nov 2019
Osint presentation nov 2019Osint presentation nov 2019
Osint presentation nov 2019Priyanka Aash
 
IT Security Awarenesss by Northern Virginia Community College
IT Security Awarenesss by Northern Virginia Community CollegeIT Security Awarenesss by Northern Virginia Community College
IT Security Awarenesss by Northern Virginia Community CollegeAtlantic Training, LLC.
 
Overview of Data Loss Prevention (DLP) Technology
Overview of Data Loss Prevention (DLP) TechnologyOverview of Data Loss Prevention (DLP) Technology
Overview of Data Loss Prevention (DLP) TechnologyLiwei Ren任力偉
 

Recommended

From OSINT to Phishing presentation
From OSINT to Phishing presentationFrom OSINT to Phishing presentation
From OSINT to Phishing presentationJesse Ratcliffe, OSCP
 
Hyphenet Security Awareness Training
Hyphenet Security Awareness TrainingHyphenet Security Awareness Training
Hyphenet Security Awareness TrainingJen Ruhman
 
CYBER SECURITY
CYBER SECURITYCYBER SECURITY
CYBER SECURITYMohammad Shakirul islam
 
Overview of the Cyber Kill Chain [TM]
Overview of the Cyber Kill Chain [TM]Overview of the Cyber Kill Chain [TM]
Overview of the Cyber Kill Chain [TM]David Sweigert
 
Application Security | Application Security Tutorial | Cyber Security Certifi...
Application Security | Application Security Tutorial | Cyber Security Certifi...Application Security | Application Security Tutorial | Cyber Security Certifi...
Application Security | Application Security Tutorial | Cyber Security Certifi...Edureka!
 
Osint presentation nov 2019
Osint presentation nov 2019Osint presentation nov 2019
Osint presentation nov 2019Priyanka Aash
 
IT Security Awarenesss by Northern Virginia Community College
IT Security Awarenesss by Northern Virginia Community CollegeIT Security Awarenesss by Northern Virginia Community College
IT Security Awarenesss by Northern Virginia Community CollegeAtlantic Training, LLC.
 
Overview of Data Loss Prevention (DLP) Technology
Overview of Data Loss Prevention (DLP) TechnologyOverview of Data Loss Prevention (DLP) Technology
Overview of Data Loss Prevention (DLP) TechnologyLiwei Ren任力偉
 
Cybersecurity Awareness Training Presentation v1.1
Cybersecurity Awareness Training Presentation v1.1Cybersecurity Awareness Training Presentation v1.1
Cybersecurity Awareness Training Presentation v1.1DallasHaselhorst
 
CyberSecurity
CyberSecurityCyberSecurity
CyberSecuritydivyanshigarg4
 
MITRE ATT&CK framework
MITRE ATT&CK frameworkMITRE ATT&CK framework
MITRE ATT&CK frameworkBhushan Gurav
 
Penetration Testing Tutorial | Penetration Testing Tools | Cyber Security Tra...
Penetration Testing Tutorial | Penetration Testing Tools | Cyber Security Tra...Penetration Testing Tutorial | Penetration Testing Tools | Cyber Security Tra...
Penetration Testing Tutorial | Penetration Testing Tools | Cyber Security Tra...Edureka!
 
Cyber Security Awareness Session for Executives and Non-IT professionals
Cyber Security Awareness Session for Executives and Non-IT professionalsCyber Security Awareness Session for Executives and Non-IT professionals
Cyber Security Awareness Session for Executives and Non-IT professionalsKrishna Srikanth Manda
 
MITRE ATT&CKcon 2.0: Using Threat Intelligence to Focus ATT&CK Activities; Da...
MITRE ATT&CKcon 2.0: Using Threat Intelligence to Focus ATT&CK Activities; Da...MITRE ATT&CKcon 2.0: Using Threat Intelligence to Focus ATT&CK Activities; Da...
MITRE ATT&CKcon 2.0: Using Threat Intelligence to Focus ATT&CK Activities; Da...MITRE - ATT&CKcon
 
Endpoint Detection & Response - FireEye
Endpoint Detection & Response - FireEyeEndpoint Detection & Response - FireEye
Endpoint Detection & Response - FireEyePrime Infoserv
 
Cyber kill chain
Cyber kill chainCyber kill chain
Cyber kill chainAnkita Ganguly
 
Introduction to Software Security and Best Practices
Introduction to Software Security and Best PracticesIntroduction to Software Security and Best Practices
Introduction to Software Security and Best PracticesMaxime ALAY-EDDINE
 
Cybersecurity Awareness Training Presentation v1.0
Cybersecurity Awareness Training Presentation v1.0Cybersecurity Awareness Training Presentation v1.0
Cybersecurity Awareness Training Presentation v1.0DallasHaselhorst
 
Global Cyber Threat Intelligence
Global Cyber Threat IntelligenceGlobal Cyber Threat Intelligence
Global Cyber Threat IntelligenceNTT Innovation Institute Inc.
 
Introduction to MITRE ATT&CK
Introduction to MITRE ATT&CKIntroduction to MITRE ATT&CK
Introduction to MITRE ATT&CKArpan Raval
 
Red team and blue team in ethical hacking
Red team and blue team in ethical hackingRed team and blue team in ethical hacking
Red team and blue team in ethical hackingVikram Khanna
 
Security Awareness Training
Security Awareness TrainingSecurity Awareness Training
Security Awareness TrainingDmitriy Scherbina
 
Security Awareness Training
Security Awareness TrainingSecurity Awareness Training
Security Awareness TrainingWilliam Mann
 
Addressing the cyber kill chain
Addressing the cyber kill chainAddressing the cyber kill chain
Addressing the cyber kill chainSymantec Brasil
 
Wazuh Security Platform
Wazuh Security PlatformWazuh Security Platform
Wazuh Security PlatformPituphong Yavirach
 
Mobile Forensics and Cybersecurity
Mobile Forensics and CybersecurityMobile Forensics and Cybersecurity
Mobile Forensics and CybersecurityEric Vanderburg
 
Open Source Intelligence (OSINT)
Open Source Intelligence (OSINT)Open Source Intelligence (OSINT)
Open Source Intelligence (OSINT)festival ICT 2016
 
Information Security and Ethical Hacking
Information Security and Ethical HackingInformation Security and Ethical Hacking
Information Security and Ethical HackingDivyank Jindal
 
INTRODUCTION TO CYBER FORENSICS
INTRODUCTION TO CYBER FORENSICSINTRODUCTION TO CYBER FORENSICS
INTRODUCTION TO CYBER FORENSICSSylvain Martinez
 
2019 CYBER SECURITY TRENDS REPORT REVIEW
2019 CYBER SECURITY TRENDS REPORT REVIEW2019 CYBER SECURITY TRENDS REPORT REVIEW
2019 CYBER SECURITY TRENDS REPORT REVIEWSylvain Martinez
 

More Related Content

What's hot

Cybersecurity Awareness Training Presentation v1.1
Cybersecurity Awareness Training Presentation v1.1Cybersecurity Awareness Training Presentation v1.1
Cybersecurity Awareness Training Presentation v1.1DallasHaselhorst
 
MITRE ATT&CK framework
MITRE ATT&CK frameworkMITRE ATT&CK framework
MITRE ATT&CK frameworkBhushan Gurav
 
Penetration Testing Tutorial | Penetration Testing Tools | Cyber Security Tra...
Penetration Testing Tutorial | Penetration Testing Tools | Cyber Security Tra...Penetration Testing Tutorial | Penetration Testing Tools | Cyber Security Tra...
Penetration Testing Tutorial | Penetration Testing Tools | Cyber Security Tra...Edureka!
 
Cyber Security Awareness Session for Executives and Non-IT professionals
Cyber Security Awareness Session for Executives and Non-IT professionalsCyber Security Awareness Session for Executives and Non-IT professionals
Cyber Security Awareness Session for Executives and Non-IT professionalsKrishna Srikanth Manda
 
MITRE ATT&CKcon 2.0: Using Threat Intelligence to Focus ATT&CK Activities; Da...
MITRE ATT&CKcon 2.0: Using Threat Intelligence to Focus ATT&CK Activities; Da...MITRE ATT&CKcon 2.0: Using Threat Intelligence to Focus ATT&CK Activities; Da...
MITRE ATT&CKcon 2.0: Using Threat Intelligence to Focus ATT&CK Activities; Da...MITRE - ATT&CKcon
 
Endpoint Detection & Response - FireEye
Endpoint Detection & Response - FireEyeEndpoint Detection & Response - FireEye
Endpoint Detection & Response - FireEyePrime Infoserv
 
Introduction to Software Security and Best Practices
Introduction to Software Security and Best PracticesIntroduction to Software Security and Best Practices
Introduction to Software Security and Best PracticesMaxime ALAY-EDDINE
 
Cybersecurity Awareness Training Presentation v1.0
Cybersecurity Awareness Training Presentation v1.0Cybersecurity Awareness Training Presentation v1.0
Cybersecurity Awareness Training Presentation v1.0DallasHaselhorst
 
Introduction to MITRE ATT&CK
Introduction to MITRE ATT&CKIntroduction to MITRE ATT&CK
Introduction to MITRE ATT&CKArpan Raval
 
Red team and blue team in ethical hacking
Red team and blue team in ethical hackingRed team and blue team in ethical hacking
Red team and blue team in ethical hackingVikram Khanna
 
Security Awareness Training
Security Awareness TrainingSecurity Awareness Training
Security Awareness TrainingWilliam Mann
 
Addressing the cyber kill chain
Addressing the cyber kill chainAddressing the cyber kill chain
Addressing the cyber kill chainSymantec Brasil
 
Mobile Forensics and Cybersecurity
Mobile Forensics and CybersecurityMobile Forensics and Cybersecurity
Mobile Forensics and CybersecurityEric Vanderburg
 
Open Source Intelligence (OSINT)
Open Source Intelligence (OSINT)Open Source Intelligence (OSINT)
Open Source Intelligence (OSINT)festival ICT 2016
 
Information Security and Ethical Hacking
Information Security and Ethical HackingInformation Security and Ethical Hacking
Information Security and Ethical HackingDivyank Jindal
 

What's hot (20)

Cybersecurity Awareness Training Presentation v1.1
Cybersecurity Awareness Training Presentation v1.1Cybersecurity Awareness Training Presentation v1.1
Cybersecurity Awareness Training Presentation v1.1
 
CyberSecurity
CyberSecurityCyberSecurity
CyberSecurity
 
MITRE ATT&CK framework
MITRE ATT&CK frameworkMITRE ATT&CK framework
MITRE ATT&CK framework
 
Penetration Testing Tutorial | Penetration Testing Tools | Cyber Security Tra...
Penetration Testing Tutorial | Penetration Testing Tools | Cyber Security Tra...Penetration Testing Tutorial | Penetration Testing Tools | Cyber Security Tra...
Penetration Testing Tutorial | Penetration Testing Tools | Cyber Security Tra...
 
Cyber Security Awareness Session for Executives and Non-IT professionals
Cyber Security Awareness Session for Executives and Non-IT professionalsCyber Security Awareness Session for Executives and Non-IT professionals
Cyber Security Awareness Session for Executives and Non-IT professionals
 
MITRE ATT&CKcon 2.0: Using Threat Intelligence to Focus ATT&CK Activities; Da...
MITRE ATT&CKcon 2.0: Using Threat Intelligence to Focus ATT&CK Activities; Da...MITRE ATT&CKcon 2.0: Using Threat Intelligence to Focus ATT&CK Activities; Da...
MITRE ATT&CKcon 2.0: Using Threat Intelligence to Focus ATT&CK Activities; Da...
 
Endpoint Detection & Response - FireEye
Endpoint Detection & Response - FireEyeEndpoint Detection & Response - FireEye
Endpoint Detection & Response - FireEye
 
Cyber kill chain
Cyber kill chainCyber kill chain
Cyber kill chain
 
Introduction to Software Security and Best Practices
Introduction to Software Security and Best PracticesIntroduction to Software Security and Best Practices
Introduction to Software Security and Best Practices
 
Cybersecurity Awareness Training Presentation v1.0
Cybersecurity Awareness Training Presentation v1.0Cybersecurity Awareness Training Presentation v1.0
Cybersecurity Awareness Training Presentation v1.0
 
Global Cyber Threat Intelligence
Global Cyber Threat IntelligenceGlobal Cyber Threat Intelligence
Global Cyber Threat Intelligence
 
Introduction to MITRE ATT&CK
Introduction to MITRE ATT&CKIntroduction to MITRE ATT&CK
Introduction to MITRE ATT&CK
 
Red team and blue team in ethical hacking
Red team and blue team in ethical hackingRed team and blue team in ethical hacking
Red team and blue team in ethical hacking
 
Security Awareness Training
Security Awareness TrainingSecurity Awareness Training
Security Awareness Training
 
Security Awareness Training
Security Awareness TrainingSecurity Awareness Training
Security Awareness Training
 
Addressing the cyber kill chain
Addressing the cyber kill chainAddressing the cyber kill chain
Addressing the cyber kill chain
 
Wazuh Security Platform
Wazuh Security PlatformWazuh Security Platform
Wazuh Security Platform
 
Mobile Forensics and Cybersecurity
Mobile Forensics and CybersecurityMobile Forensics and Cybersecurity
Mobile Forensics and Cybersecurity
 
Open Source Intelligence (OSINT)
Open Source Intelligence (OSINT)Open Source Intelligence (OSINT)
Open Source Intelligence (OSINT)
 
Information Security and Ethical Hacking
Information Security and Ethical HackingInformation Security and Ethical Hacking
Information Security and Ethical Hacking
 

Similar to PHISHING PROTECTION

INTRODUCTION TO CYBER FORENSICS
INTRODUCTION TO CYBER FORENSICSINTRODUCTION TO CYBER FORENSICS
INTRODUCTION TO CYBER FORENSICSSylvain Martinez
 
2019 CYBER SECURITY TRENDS REPORT REVIEW
2019 CYBER SECURITY TRENDS REPORT REVIEW2019 CYBER SECURITY TRENDS REPORT REVIEW
2019 CYBER SECURITY TRENDS REPORT REVIEWSylvain Martinez
 
DATA LOSS PREVENTION OVERVIEW
DATA LOSS PREVENTION OVERVIEWDATA LOSS PREVENTION OVERVIEW
DATA LOSS PREVENTION OVERVIEWSylvain Martinez
 
INCIDENT RESPONSE CONCEPTS
INCIDENT RESPONSE CONCEPTSINCIDENT RESPONSE CONCEPTS
INCIDENT RESPONSE CONCEPTSSylvain Martinez
 
Splunk Discovery: Warsaw 2018 - Solve Your Security Challenges with Splunk En...
Splunk Discovery: Warsaw 2018 - Solve Your Security Challenges with Splunk En...Splunk Discovery: Warsaw 2018 - Solve Your Security Challenges with Splunk En...
Splunk Discovery: Warsaw 2018 - Solve Your Security Challenges with Splunk En...Splunk
 
Sammanfattning av 2014 Trustwave Global Security Report
Sammanfattning av 2014 Trustwave Global Security Report Sammanfattning av 2014 Trustwave Global Security Report
Sammanfattning av 2014 Trustwave Global Security Report Inuit AB
 
[Infographic] Email: The First Security Gap Targeted by Attackers
[Infographic] Email: The First Security Gap Targeted by Attackers[Infographic] Email: The First Security Gap Targeted by Attackers
[Infographic] Email: The First Security Gap Targeted by AttackersFireEye, Inc.
 
Threat_intelligence_Handbook
Threat_intelligence_HandbookThreat_intelligence_Handbook
Threat_intelligence_HandbookBruno Rafael
 
PHISHING DETECTION
PHISHING DETECTIONPHISHING DETECTION
PHISHING DETECTIONumme ayesha
 
Seven_Ways_to_Apply_the_Cyber_Kill_Chain_with_a_Threat_Intelligence_Platform.PDF
Seven_Ways_to_Apply_the_Cyber_Kill_Chain_with_a_Threat_Intelligence_Platform.PDFSeven_Ways_to_Apply_the_Cyber_Kill_Chain_with_a_Threat_Intelligence_Platform.PDF
Seven_Ways_to_Apply_the_Cyber_Kill_Chain_with_a_Threat_Intelligence_Platform.PDFTor Cannady
 
Rethinking Cyber-Security: 7 Key Strategies for the Challenges that Lie Ahead
Rethinking Cyber-Security: 7 Key Strategies for the Challenges that Lie AheadRethinking Cyber-Security: 7 Key Strategies for the Challenges that Lie Ahead
Rethinking Cyber-Security: 7 Key Strategies for the Challenges that Lie AheadOpenDNS
 
Psychological aspect of social engineering
Psychological aspect of social engineeringPsychological aspect of social engineering
Psychological aspect of social engineeringYuvaraj Naresh
 
Cyber-Attack and Security: Putting the Audit Committee on High Alert
Cyber-Attack and Security: Putting the Audit Committee on High AlertCyber-Attack and Security: Putting the Audit Committee on High Alert
Cyber-Attack and Security: Putting the Audit Committee on High AlertSymptai Consulting Limited
 
Operational Security
Operational SecurityOperational Security
Operational SecuritySplunk
 
6 Ways to Deceive Cyber Attackers
6 Ways to Deceive Cyber Attackers6 Ways to Deceive Cyber Attackers
6 Ways to Deceive Cyber AttackersSirius
 
INCIDENT RESPONSE NIST IMPLEMENTATION
INCIDENT RESPONSE NIST IMPLEMENTATIONINCIDENT RESPONSE NIST IMPLEMENTATION
INCIDENT RESPONSE NIST IMPLEMENTATIONSylvain Martinez
 
Disrupting the Malware Kill Chain - What's New from Palo Alto Networks.
Disrupting the Malware Kill Chain - What's New from Palo Alto Networks.Disrupting the Malware Kill Chain - What's New from Palo Alto Networks.
Disrupting the Malware Kill Chain - What's New from Palo Alto Networks.Scalar Decisions
 
Mobile Cybercrime - Don’t Leave Your Customers Vulnerable
Mobile Cybercrime - Don’t Leave Your Customers VulnerableMobile Cybercrime - Don’t Leave Your Customers Vulnerable
Mobile Cybercrime - Don’t Leave Your Customers VulnerableXura
 

Similar to PHISHING PROTECTION (20)

INTRODUCTION TO CYBER FORENSICS
INTRODUCTION TO CYBER FORENSICSINTRODUCTION TO CYBER FORENSICS
INTRODUCTION TO CYBER FORENSICS
 
2019 CYBER SECURITY TRENDS REPORT REVIEW
2019 CYBER SECURITY TRENDS REPORT REVIEW2019 CYBER SECURITY TRENDS REPORT REVIEW
2019 CYBER SECURITY TRENDS REPORT REVIEW
 
We are all info sec
We are all info secWe are all info sec
We are all info sec
 
DATA LOSS PREVENTION OVERVIEW
DATA LOSS PREVENTION OVERVIEWDATA LOSS PREVENTION OVERVIEW
DATA LOSS PREVENTION OVERVIEW
 
INCIDENT RESPONSE CONCEPTS
INCIDENT RESPONSE CONCEPTSINCIDENT RESPONSE CONCEPTS
INCIDENT RESPONSE CONCEPTS
 
Splunk Discovery: Warsaw 2018 - Solve Your Security Challenges with Splunk En...
Splunk Discovery: Warsaw 2018 - Solve Your Security Challenges with Splunk En...Splunk Discovery: Warsaw 2018 - Solve Your Security Challenges with Splunk En...
Splunk Discovery: Warsaw 2018 - Solve Your Security Challenges with Splunk En...
 
Sammanfattning av 2014 Trustwave Global Security Report
Sammanfattning av 2014 Trustwave Global Security Report Sammanfattning av 2014 Trustwave Global Security Report
Sammanfattning av 2014 Trustwave Global Security Report
 
[Infographic] Email: The First Security Gap Targeted by Attackers
[Infographic] Email: The First Security Gap Targeted by Attackers[Infographic] Email: The First Security Gap Targeted by Attackers
[Infographic] Email: The First Security Gap Targeted by Attackers
 
Threat_intelligence_Handbook
Threat_intelligence_HandbookThreat_intelligence_Handbook
Threat_intelligence_Handbook
 
PHISHING DETECTION
PHISHING DETECTIONPHISHING DETECTION
PHISHING DETECTION
 
Seven_Ways_to_Apply_the_Cyber_Kill_Chain_with_a_Threat_Intelligence_Platform.PDF
Seven_Ways_to_Apply_the_Cyber_Kill_Chain_with_a_Threat_Intelligence_Platform.PDFSeven_Ways_to_Apply_the_Cyber_Kill_Chain_with_a_Threat_Intelligence_Platform.PDF
Seven_Ways_to_Apply_the_Cyber_Kill_Chain_with_a_Threat_Intelligence_Platform.PDF
 
Rethinking Cyber-Security: 7 Key Strategies for the Challenges that Lie Ahead
Rethinking Cyber-Security: 7 Key Strategies for the Challenges that Lie AheadRethinking Cyber-Security: 7 Key Strategies for the Challenges that Lie Ahead
Rethinking Cyber-Security: 7 Key Strategies for the Challenges that Lie Ahead
 
Psychological aspect of social engineering
Psychological aspect of social engineeringPsychological aspect of social engineering
Psychological aspect of social engineering
 
Cyber-Attack and Security: Putting the Audit Committee on High Alert
Cyber-Attack and Security: Putting the Audit Committee on High AlertCyber-Attack and Security: Putting the Audit Committee on High Alert
Cyber-Attack and Security: Putting the Audit Committee on High Alert
 
Operational Security
Operational SecurityOperational Security
Operational Security
 
6 Ways to Deceive Cyber Attackers
6 Ways to Deceive Cyber Attackers6 Ways to Deceive Cyber Attackers
6 Ways to Deceive Cyber Attackers
 
Lookingglass whitepaper
Lookingglass whitepaperLookingglass whitepaper
Lookingglass whitepaper
 
INCIDENT RESPONSE NIST IMPLEMENTATION
INCIDENT RESPONSE NIST IMPLEMENTATIONINCIDENT RESPONSE NIST IMPLEMENTATION
INCIDENT RESPONSE NIST IMPLEMENTATION
 
Disrupting the Malware Kill Chain - What's New from Palo Alto Networks.
Disrupting the Malware Kill Chain - What's New from Palo Alto Networks.Disrupting the Malware Kill Chain - What's New from Palo Alto Networks.
Disrupting the Malware Kill Chain - What's New from Palo Alto Networks.
 
Mobile Cybercrime - Don’t Leave Your Customers Vulnerable
Mobile Cybercrime - Don’t Leave Your Customers VulnerableMobile Cybercrime - Don’t Leave Your Customers Vulnerable
Mobile Cybercrime - Don’t Leave Your Customers Vulnerable
 

More from Sylvain Martinez

PROGRAMMING AND CYBER SECURITY
PROGRAMMING AND CYBER SECURITYPROGRAMMING AND CYBER SECURITY
PROGRAMMING AND CYBER SECURITYSylvain Martinez
 
INTRODUCTION TO CRYPTOGRAPHY
INTRODUCTION TO CRYPTOGRAPHYINTRODUCTION TO CRYPTOGRAPHY
INTRODUCTION TO CRYPTOGRAPHYSylvain Martinez
 
VIRTUAL CISO AND OTHER KEY CYBER ROLES
VIRTUAL CISO AND OTHER KEY CYBER ROLESVIRTUAL CISO AND OTHER KEY CYBER ROLES
VIRTUAL CISO AND OTHER KEY CYBER ROLESSylvain Martinez
 
INCIDENT RESPONSE OVERVIEW
INCIDENT RESPONSE OVERVIEWINCIDENT RESPONSE OVERVIEW
INCIDENT RESPONSE OVERVIEWSylvain Martinez
 
Mobile Security Assessment
Mobile Security AssessmentMobile Security Assessment
Mobile Security AssessmentSylvain Martinez
 
Talk1 esc7 muscl-gdpr_debate_v1_2
Talk1 esc7 muscl-gdpr_debate_v1_2Talk1 esc7 muscl-gdpr_debate_v1_2
Talk1 esc7 muscl-gdpr_debate_v1_2Sylvain Martinez
 
Talk1 esc7 muscl-dataprotection_v1_2
Talk1 esc7 muscl-dataprotection_v1_2Talk1 esc7 muscl-dataprotection_v1_2
Talk1 esc7 muscl-dataprotection_v1_2Sylvain Martinez
 
INCIDENT HANDLING IN ORGANISATIONS
INCIDENT HANDLING IN ORGANISATIONSINCIDENT HANDLING IN ORGANISATIONS
INCIDENT HANDLING IN ORGANISATIONSSylvain Martinez
 
SOCIAL MEDIA AS A CYBER WEAPON
SOCIAL MEDIA AS A CYBER WEAPONSOCIAL MEDIA AS A CYBER WEAPON
SOCIAL MEDIA AS A CYBER WEAPONSylvain Martinez
 
Talk1 esc3 muscl-standards and regulation_v1_1
Talk1 esc3 muscl-standards and regulation_v1_1Talk1 esc3 muscl-standards and regulation_v1_1
Talk1 esc3 muscl-standards and regulation_v1_1Sylvain Martinez
 
Talk2 esc2 muscl-wifi_v1_2b
Talk2 esc2 muscl-wifi_v1_2bTalk2 esc2 muscl-wifi_v1_2b
Talk2 esc2 muscl-wifi_v1_2bSylvain Martinez
 

More from Sylvain Martinez (20)

PROGRAMMING AND CYBER SECURITY
PROGRAMMING AND CYBER SECURITYPROGRAMMING AND CYBER SECURITY
PROGRAMMING AND CYBER SECURITY
 
INTRODUCTION TO CRYPTOGRAPHY
INTRODUCTION TO CRYPTOGRAPHYINTRODUCTION TO CRYPTOGRAPHY
INTRODUCTION TO CRYPTOGRAPHY
 
VIRTUAL CISO AND OTHER KEY CYBER ROLES
VIRTUAL CISO AND OTHER KEY CYBER ROLESVIRTUAL CISO AND OTHER KEY CYBER ROLES
VIRTUAL CISO AND OTHER KEY CYBER ROLES
 
INCIDENT RESPONSE OVERVIEW
INCIDENT RESPONSE OVERVIEWINCIDENT RESPONSE OVERVIEW
INCIDENT RESPONSE OVERVIEW
 
OFFENSIVE IDS
OFFENSIVE IDSOFFENSIVE IDS
OFFENSIVE IDS
 
IOT Security
IOT SecurityIOT Security
IOT Security
 
ARE YOU RED TEAM READY?
ARE YOU RED TEAM READY?ARE YOU RED TEAM READY?
ARE YOU RED TEAM READY?
 
GDPR SECURITY ISSUES
GDPR SECURITY ISSUESGDPR SECURITY ISSUES
GDPR SECURITY ISSUES
 
Mobile Security Assessment
Mobile Security AssessmentMobile Security Assessment
Mobile Security Assessment
 
The Art of CTF
The Art of CTFThe Art of CTF
The Art of CTF
 
OFFICE 365 SECURITY
OFFICE 365 SECURITYOFFICE 365 SECURITY
OFFICE 365 SECURITY
 
Risk on Crypto Currencies
Risk on Crypto CurrenciesRisk on Crypto Currencies
Risk on Crypto Currencies
 
Talk1 esc7 muscl-gdpr_debate_v1_2
Talk1 esc7 muscl-gdpr_debate_v1_2Talk1 esc7 muscl-gdpr_debate_v1_2
Talk1 esc7 muscl-gdpr_debate_v1_2
 
Talk1 esc7 muscl-dataprotection_v1_2
Talk1 esc7 muscl-dataprotection_v1_2Talk1 esc7 muscl-dataprotection_v1_2
Talk1 esc7 muscl-dataprotection_v1_2
 
Ethical Hacking
Ethical HackingEthical Hacking
Ethical Hacking
 
INCIDENT HANDLING IN ORGANISATIONS
INCIDENT HANDLING IN ORGANISATIONSINCIDENT HANDLING IN ORGANISATIONS
INCIDENT HANDLING IN ORGANISATIONS
 
SOCIAL MEDIA AS A CYBER WEAPON
SOCIAL MEDIA AS A CYBER WEAPONSOCIAL MEDIA AS A CYBER WEAPON
SOCIAL MEDIA AS A CYBER WEAPON
 
Talk2 esc4 muscl-ids_v1_2
Talk2 esc4 muscl-ids_v1_2Talk2 esc4 muscl-ids_v1_2
Talk2 esc4 muscl-ids_v1_2
 
Talk1 esc3 muscl-standards and regulation_v1_1
Talk1 esc3 muscl-standards and regulation_v1_1Talk1 esc3 muscl-standards and regulation_v1_1
Talk1 esc3 muscl-standards and regulation_v1_1
 
Talk2 esc2 muscl-wifi_v1_2b
Talk2 esc2 muscl-wifi_v1_2bTalk2 esc2 muscl-wifi_v1_2b
Talk2 esc2 muscl-wifi_v1_2b
 

Recently uploaded

Unraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdfUnraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdfAlex Barbosa Coqueiro
 
Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!Commit University
 
Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 365Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 3652toLead Limited
 
Vertex AI Gemini Prompt Engineering Tips
Vertex AI Gemini Prompt Engineering TipsVertex AI Gemini Prompt Engineering Tips
Vertex AI Gemini Prompt Engineering TipsMiki Katsuragi
 
Search Engine Optimization SEO PDF for 2024.pdf
Search Engine Optimization SEO PDF for 2024.pdfSearch Engine Optimization SEO PDF for 2024.pdf
Search Engine Optimization SEO PDF for 2024.pdfRankYa
 
Advanced Computer Architecture – An Introduction
Advanced Computer Architecture – An IntroductionAdvanced Computer Architecture – An Introduction
Advanced Computer Architecture – An IntroductionDilum Bandara
 
Hyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdf
Hyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdfHyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdf
Hyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdfPrecisely
 
TrustArc Webinar - How to Build Consumer Trust Through Data Privacy
TrustArc Webinar - How to Build Consumer Trust Through Data PrivacyTrustArc Webinar - How to Build Consumer Trust Through Data Privacy
TrustArc Webinar - How to Build Consumer Trust Through Data PrivacyTrustArc
 
SAP Build Work Zone - Overview L2-L3.pptx
SAP Build Work Zone - Overview L2-L3.pptxSAP Build Work Zone - Overview L2-L3.pptx
SAP Build Work Zone - Overview L2-L3.pptxNavinnSomaal
 
TeamStation AI System Report LATAM IT Salaries 2024
TeamStation AI System Report LATAM IT Salaries 2024TeamStation AI System Report LATAM IT Salaries 2024
TeamStation AI System Report LATAM IT Salaries 2024Lonnie McRorey
 
Leverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage Cost
Leverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage CostLeverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage Cost
Leverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage CostZilliz
 
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024BookNet Canada
 
Take control of your SAP testing with UiPath Test Suite
Take control of your SAP testing with UiPath Test SuiteTake control of your SAP testing with UiPath Test Suite
Take control of your SAP testing with UiPath Test SuiteDianaGray10
 
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks..."LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...Fwdays
 
The Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and ConsThe Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and ConsPixlogix Infotech
 
H2O.ai CEO/Founder: Sri Ambati Keynote at Wells Fargo Day
H2O.ai CEO/Founder: Sri Ambati Keynote at Wells Fargo DayH2O.ai CEO/Founder: Sri Ambati Keynote at Wells Fargo Day
H2O.ai CEO/Founder: Sri Ambati Keynote at Wells Fargo DaySri Ambati
 
CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):comworks
 
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)Mark Simos
 
"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr Bagan"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr BaganFwdays
 
Connect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck PresentationConnect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck PresentationSlibray Presentation
 

Recently uploaded (20)

Unraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdfUnraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdf
 
Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!
 
Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 365Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 365
 
Vertex AI Gemini Prompt Engineering Tips
Vertex AI Gemini Prompt Engineering TipsVertex AI Gemini Prompt Engineering Tips
Vertex AI Gemini Prompt Engineering Tips
 
Search Engine Optimization SEO PDF for 2024.pdf
Search Engine Optimization SEO PDF for 2024.pdfSearch Engine Optimization SEO PDF for 2024.pdf
Search Engine Optimization SEO PDF for 2024.pdf
 
Advanced Computer Architecture – An Introduction
Advanced Computer Architecture – An IntroductionAdvanced Computer Architecture – An Introduction
Advanced Computer Architecture – An Introduction
 
Hyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdf
Hyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdfHyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdf
Hyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdf
 
TrustArc Webinar - How to Build Consumer Trust Through Data Privacy
TrustArc Webinar - How to Build Consumer Trust Through Data PrivacyTrustArc Webinar - How to Build Consumer Trust Through Data Privacy
TrustArc Webinar - How to Build Consumer Trust Through Data Privacy
 
SAP Build Work Zone - Overview L2-L3.pptx
SAP Build Work Zone - Overview L2-L3.pptxSAP Build Work Zone - Overview L2-L3.pptx
SAP Build Work Zone - Overview L2-L3.pptx
 
TeamStation AI System Report LATAM IT Salaries 2024
TeamStation AI System Report LATAM IT Salaries 2024TeamStation AI System Report LATAM IT Salaries 2024
TeamStation AI System Report LATAM IT Salaries 2024
 
Leverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage Cost
Leverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage CostLeverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage Cost
Leverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage Cost
 
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
 
Take control of your SAP testing with UiPath Test Suite
Take control of your SAP testing with UiPath Test SuiteTake control of your SAP testing with UiPath Test Suite
Take control of your SAP testing with UiPath Test Suite
 
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks..."LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
 
The Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and ConsThe Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and Cons
 
H2O.ai CEO/Founder: Sri Ambati Keynote at Wells Fargo Day
H2O.ai CEO/Founder: Sri Ambati Keynote at Wells Fargo DayH2O.ai CEO/Founder: Sri Ambati Keynote at Wells Fargo Day
H2O.ai CEO/Founder: Sri Ambati Keynote at Wells Fargo Day
 
CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):
 
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
 
"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr Bagan"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr Bagan
 
Connect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck PresentationConnect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck Presentation
 

PHISHING PROTECTION

  • 1. CYBER SECURITY PHISHING PROTECTION HOW TO START A PROGRAM VERSION: 1.5 DATE: 26/06/2019 AUTHOR: SYLVAIN MARTINEZ REFERENCE: ESC17-MUSCL CLASSIFICATION: PUBLIC
  • 2. 2 • Presentation goal; • Phishing Statistics; • Incident cost; • Phishing protection benefits; • Phishing definition; • Spear Phishing definition; • Phishing email – From the outside; • Phishing email – From the inside; • Phishing Website – From the outside; • Phishing Website – From the inside; • Phishing protection program overview; • Training overview; • Training – Awareness campaign; • Training – Guidelines; • Testing overview; • Testing – URLS; • Testing – Attachments; • Testing – Phishing simulation planning; • Detection overview; • Detecting – Manual detection; • Detecting – Automated detection; • Protecting overview; • Protecting – Warn; • Protecting – Block; CONTENTS PUBLIC CONCLUSIONDEFENCESAWARENESSPROGRAMCONTEXT • Key Take Away; • Get Started; • Extra Resources.
  • 3. PRESENTATION GOAL 3 LEARN HOW TO START AN ANTI-PHISHING PROGRAM 3 LEARN ABOUT DIFFERENT TYPE OF PHISHING PROTECTIONS 2 LEARN ABOUT DIFFERENT TYPE OF PHISHING ATTACKS 1 TO LEARN ABOUT PHISHING PROTECTION SOLUTIONS CONCLUSIONDEFENSESAWARENESSPROGRAMCONTEXT Icons: from The Noun Project unless stated otherwisePUBLIC
  • 4. PHISHING STATISTICS 4Source: hostingtribunal.com - June 2019PUBLIC CONCLUSIONDEFENSESAWARENESSPROGRAMCONTEXT ALL EMAILS 45% ARE SPAM SPAM 14.5 BILLION EVERY DAY GROWTH 65% PHISHING IN 2018 MALWARE 92% EMAIL DELIVERED PHISHING EMAIL 16 MONTHLY PER USER PHISHING OPEN 30% BY TARGETED USERS PHISHING CLICK 12% BY TARGETED USERS PHISHING SITES 1.5 MILLION NEW EVERY MONTH
  • 5. INCIDENT COST 5 ELYSIUMSECURITY INVESTIGATIONS MAURITIUS JANUARY 2018 – JUNE 2019 80% FINANCIAL FRAUD 20% RANSOMWARE 100% PHISHING JAN 2018 MAY 2018 AUG 2018 APR 2019 MAY 2019 JUNE 2019 $0.5M $1M $2M $0.5M $1M $0.5M AVERAGE COST PER DATA BREACH AVERAGE COST PER PHISHING ATTACK DATA BREACHES FROM PHISHING ATTACKS AVERAGE DETECTION TIME $3.86M $1.6M 95% 197 DAYS WORLDWIDE WORLDWIDE STATS FROM SAFEATLAST.CO AND RETRUSTER.COM – JUNE 2019PUBLIC CONCLUSIONDEFENSESAWARENESSPROGRAMCONTEXT
  • 6. PHISHING PROTECTION BENEFITS 6PUBLIC CONCLUSIONDEFENSESAWARENESSPROGRAMCONTEXT IMPROVED SECURITY REDUCED PHISHING COSTIMPROVED AWARENESS KNOW PHISHING RISKS BETTER PHISHING DETECTION FOLLOW BEST PRACTISE STAFF BETTER PROTECTED BETTER EMAIL PROTECTION INCREASED ATTACK VISIBILITY LOWER PHISHING SUCCESS RATE LIMITED PHISHING IMPACT COST REDUCED/AVOID FINES
  • 7. PHISHING DEFINITION 7PUBLIC CONCLUSIONDEFENSESAWARENESSPROGRAMCONTEXT PHISHING IS A TYPE OF SOCIAL ENGINEERING ATTACK USED TO STEAL SENSITIVE INFORMATION SUCH AS PASSWORDS OR FINANCIAL DETAILS ATTACKERS PRETEND TO BE A TRUSTED ENTITY TO PUSH VICTIMS INTO OPENING FRAUDULENT LINKS OR ATTACHMENTS. THIS IS A GENERIC ATTACK USING COMMON MESSAGES THAT MAY BE RELEVANT TO THE VICTIMS CONTRIBUTING TO THEIR FALSE SENSE OF TRUST
  • 8. SPEAR PHISHING DEFINITION 8PUBLIC CONCLUSIONDEFENSESAWARENESSPROGRAMCONTEXT SPEAR PHISHING IS AN ADVANCED TYPE OF SOCIAL ENGINEERING ATTACK USED TO STEAL SENSITIVE INFORMATION SUCH AS PASSWORDS OR FINANCIAL DETAILS ATTACKERS PRETEND TO BE A TRUSTED ENTITY TO PUSH VICTIMS INTO OPENING FRAUDULENT LINKS OR ATTACHMENTS THIS IS A VERY FOCUSED ATTACK USING SPECIFIC MESSAGES WITH PERSONAL AND RELEVANT INFORMATION TO THE VICTIMS INCREASING THEIR FALSE SENSE OF TRUST
  • 9. PHISHING EMAIL - FROM THE OUTSIDE 9PUBLIC CONCLUSIONDEFENSESAWARENESSPROGRAMCONTEXT LOOKS AND SOUNDS LEGETIMATE
  • 10. PHISHING EMAIL - FROM THE INSIDE 10PUBLIC CONCLUSIONDEFENSESAWARENESSPROGRAMCONTEXT WARNING SIGNS IF YOU KNOW WHERE TO LOOK!
  • 11. PHISHING WEBSITE - FROM THE OUTSIDE 11PUBLIC CONCLUSIONDEFENSESAWARENESSPROGRAMCONTEXT
  • 12. PHISHING WEBSITE- FROM THE INSIDE 12PUBLIC CONCLUSIONDEFENSESAWARENESSPROGRAMCONTEXT YOUR CREDENTIALS ARE INTERCEPTED AND SENT… TO THE WRONG PLACE / PERSON!
  • 13. PHISHING PROTECTION PROGRAM OVERVIEW 13PUBLIC CONCLUSIONDEFENSESAWARENESSPROGRAMCONTEXT CAMPAIGN #1 PHISHING MOST COMMONALL STAFF GENERIC INEXPENSIVE AUTOMATED SIMPLE ATTACK CAMPAIGN #2 SPEAR PHISHING LEAST COMMONKEY STAFF TARGET TAILORED EXPENSIVE MANUAL COMPLEX ATTACK TRAINING GUIDELINES AWARENESS CAMPAIGN TESTING OPEN ATTACHMENT CLICK URL DETECTING AUTOMATEDMANUAL PROTECTING BLOCKWARN {elysiumsecurity} PHISHING PROTECTION PROGRAM
  • 14. TRAINING OVERVIEW 14PUBLIC CONCLUSIONDEFENSESAWARENESSPROGRAMCONTEXT TRAINING GUIDELINES AWARENESS CAMPAIGN SOME PHISHING WILL ALWAYS GO THROUGH CYBER DEFENCES1 USER AWARENESS IS YOUR FIRST DEFENCE AGAINST PHISHING2 TRAIN YOUR USERS TO UNDERSTAND PHISHING RISKS AND LOOKS3
  • 15. TRAINING - AWARENESS CAMPAIGN 15PUBLIC CONCLUSIONDEFENSESAWARENESSPROGRAMCONTEXT RELEVANT TO YOUR CORPORATE RISK PROFILE 1 COORDINATED WITH CORPORATE COMMUNICATION 2 LINKED TO WIDER CYBER SECURITY AWARENESS 3 MIX OF IN PERSON AND DIGITAL DELIVERY 4 SET AND REVIEW KEY PERFORMANCE INDICATORS 7 REGULAR AND REPEATED 6 USE OF RELATABLE EXAMPLES 5 RESULTS FEEDBACK CAN BE A TRAINING TOOL 8 CHEAT SHEET 10 POSTER 9
  • 16. TRAINING - GUIDELINES 16PUBLIC CONCLUSIONDEFENSESAWARENESSPROGRAMCONTEXT DO THINK BEFORE YOU CLICK 1 DO CHECK EMAIL PROVENANCE 2 DO CHECK EMAIL CONTEXT 3 DO BE CAREFUL OF DISAPEARING EMAILS 4 DO NOT IGNORE SECURITY WARNINGS 7 DO NOT USE WORK EMAIL FOR PERSONAL PURPOSE 6 DO REPORT SUSPICIOUS EMAILS 5 DO NOT OPEN UNEXPECTED ATTACHMENT 8 DO NOT ENTER PASSWORDS FROM URL IN EMAILS 10 DO NOT CLICK UNEXPECTED URL 9 DO DO NOT
  • 17. TESTING OPEN ATTACHMENT CLICK URL TESTING OVERVIEW 17PUBLIC CONCLUSIONDEFENSESAWARENESSPROGRAMCONTEXT VALIDATE AWARENESS CAMPAIGN EFFICIENCY1 IDENTIFY MOST VULNERABLE USERS2 USE PHISHING SIMULATION TOOLS3
  • 18. TESTING - URLS 18PUBLIC CONCLUSIONDEFENSESAWARENESSPROGRAMCONTEXT GENERIC EMAIL CONTEXT1 SPECIFIC EMAIL CONTEXT6 REDIRECT TO GENERIC MESSAGE4 OBVIOUS SUSPICIOUS URL2 ONLY SIMULATE CLICK BAIT3 RECORD VICTIM DETAILS5 DIFFICULT TO SPOT URL7 RECORD VICTIM DETAILS AND STATISTICS10 SIMULATE PORTAL CREDENTIAL STEALTH8 REDIRECT TO AWARENESS CAMPAIGN9 START FINISH
  • 19. TESTING - ATTACHMENTS 19PUBLIC CONCLUSIONDEFENSESAWARENESSPROGRAMCONTEXT GENERIC EMAIL CONTEXT1 SPECIFIC EMAIL CONTEXT6 REDIRECT TO GENERIC MESSAGE4 OBVIOUS SUSPICIOUS ATTACHMENT2 ONLY SIMULATE CLICK BAIT3 RECORD VICTIM DETAILS5 DIFFICULT TO SPOT ATTACHMENT7 RECORD VICTIM DETAILS AND STATISTICS10 SIMULATE MALWARE INSTALLATION8 REDIRECT TO AWARENESS CAMPAIGN9 START FINISH
  • 20. TESTING – PHISHING SIMULATION PLANNING 20PUBLIC CONCLUSIONDEFENSESAWARENESSPROGRAMCONTEXT LIST TARGETED USERS (ALL / FEW) 1 EMAIL SCOPE (SAME VERSION FOR ALL?) 2 CLEAR GOALS AND TIMELINE 3 VICTIM MESSAGE READY 4 ANALYSE RESULTS AND ADAPT 7 ESTABLISH BASELINE (GENERIC ATTACK) 6 INFORM STAFF PRIOR STARTING 5 REFINE TEMPLATES 8 SPEAR PHISHING TEST WHEN MATURE ENOUGH 10 BEWARE OF GDPR/DPA WHEN USING 3rd PARTY 9
  • 21. DETECTING AUTOMATEDMANUAL DETECTING OVERVIEW 21PUBLIC MONITOR EMAIL SECURITY1 ENABLE AND ENHANCE PHISHING VISIBILITY2 FACILITATE PHISHING INCIDENT RESPONSE3 CONCLUSIONDEFENSESAWARENESSPROGRAMCONTEXT
  • 22. DETECTING - MANUAL DETECTION 22PUBLIC REVIEW LOGS FOR SUSPICIOUS EMAIL LOGINS 1 REVIEW LOGS FOR SUSPICIOUS EMAIL ACTIVITIES 2 REVIEW NETWORK SECURITY ALERTS 3 REVIEW SYSTEM SECURITY ALERTS 4 ENABLE A SIMPLE PHISHING REPORTING MECHANISM 5 CONCLUSIONDEFENSESAWARENESSPROGRAMCONTEXT
  • 23. DETECTING - AUTOMATED DETECTION 23PUBLIC ENABLE ANTI PHISHING FILTERS 1 CONFIGURE AND TUNE ANTI PHISHING FILTERS 2 SUBSCRIBE TO BLACKLIST SERVICES 3 BASELINE EMAIL ACTIVITIES AND ORIGIN 4 IMPOSSIBLE LOGIN DETECTION SETUP 5 CONCLUSIONDEFENSESAWARENESSPROGRAMCONTEXT
  • 24. PROTECTING BLOCKWARN PROTECTING OVERVIEW 24PUBLIC CONCLUSIONDEFENSESAWARENESSPROGRAMCONTEXT REDUCE PHISHING RELATED INCIDENT1 ALERT USER OF POTENTIAL PHISHING ATTACKS2 BLOCK IDENTIFIED PHISHING ATTACKS3
  • 25. PROTECTING - WARN 25PUBLIC CONCLUSIONDEFENSESAWARENESSPROGRAMCONTEXT IDENTIFY AND VISUALLY LABEL EXTERNAL EMAILS 1 IDENTIFY AND VISUALLY LABEL POTENTIAL IMPERSONATION 2 MOVE SUSPICIOUS EMAILS TO QUARANTINE/SPAM FOLDER 3 WARN USERS OF SUSPICIOUS EMAIL LOGIN ACTIVITIES 4 WARN EMAIL ADMIN OF EMAIL RULES CREATION 5
  • 26. PROTECTING - BLOCK 26PUBLIC CONCLUSIONDEFENSESAWARENESSPROGRAMCONTEXT BLOCK REPORTED EMAIL ADDRESSES 1 BLOCK REPORTED WEBSITES, DOMAINS AND IP 2 BLOCK IDENTIFIED BAD URL AND ATTACHMENT 3 PROACTIVELY BLOCK SIMILAR DOMAIN 4 PROACTIVELY REGISTER SIMILAR DOMAIN 5
  • 27. KEY TAKE AWAY 27 PHISHING IS THE MOST COMMON ATTACK VECTOR TODAY 1 BE AWARE OF PHISHING VERSUS SPEAR PHISHING 2 AWARENESS IS KEY3 IMPORTANCE OF PHISHING PROTECTION4 IMPORTANCE OF EMAIL ACCESS PROTECTION5 PUBLIC CONCLUSIONDEFENSESAWARENESSPROGRAMCONTEXT
  • 28. GET STARTED 28 STAY INFORMED OF PHISHING CAMPAIGNS1 REMIND STAFF OF PHISHING RISKS2 USE SECURE EMAIL PROVIDER3 ENFORCE EMAIL PROTECTIONS4 DEFINE AND IMPLEMENT A PHISHING PROTECTION PROGRAM 5 PUBLIC CONCLUSIONDEFENSESAWARENESSPROGRAMCONTEXT
  • 29. EXTRA RESOURCES 29 CONCLUSIONCASE STUDYHANDLINGSTRUCTURECONTEXT TRAINING PUBLIC AVERAGE COST $10 / YEAR / USER / NO CUSTOMISATION GARTNER COMPARE DIFFERENT OFFERINGS https://www.gartner.com/reviews/market/security-awareness-computer-based-training/ SIMULATOR AVERAGE COST FREE - $10 / YEAR / USER PHISHING READINESS THIS IS A PRODUCT BY SYMANTEC https://www.symantec.com/products/phishing-readiness KNOWBE4 THIS IS A COMPANY BY KEVIN MITNICK https://www.knowbe4.com/ MICROSOFT ATTACK SIMULATOR – ATP PLAN 2 https://docs.microsoft.com/en-us/office365/securitycompliance/attack-simulator GOPHISH OPENSOURCE AND PROFESSIONAL VERSIONS https://getgophish.com/ TREND MICRO FREE AND PAID SUBSCRIPTION https://cofense.com/simulator-small-business-edition COFENSE BOUGHT MARKET LEADER CALLED PHISHME.COM https://cofense.com/simulator-small-business-edition CYBERAWARE FREE RESOURCES https://free.thesecurityawarenesscompany.com/downloads/category/videos/ SANS CAN BE EXPAMSIVE BUT ALSO HAS FREE RESOURCES https://www.sans.org/security-awareness-training ESET CLAIMS TO BE FREE BUT MAY HAVE SOME HIDDEN COST https://www.eset.com/us/cybertraining/ TREND MICRO ALSO OFFERS WIDER CYBER SECURITY TRAINING https://phishinsight.trendmicro.com/en/training MIMECAST ALSO OFFERS WIDER CYBER SECURITY TRAINING https://www.mimecast.com/content/phishing-awareness
  • 30. © 2015-2019 ELYSIUMSECURITY LTD ALL RIGHTS RESERVED HTTPS://WWW.ELYSIUMSECURITY.COM CONSULTING@ELYSIUMSECURITY.COM ABOUT ELYSIUMSECURITY LTD. ELYSIUMSECURITY PROVIDES PRACTICAL EXPERTISE TO IDENTIFY VULNERABILITIES, ASSESS THEIR RISKS AND IMPACT, REMEDIATE THOSE RISKS, PREPARE AND RESPOND TO INCIDENTS AS WELL AS RAISE SECURITY AWARENESS THROUGH AN ORGANIZATION. ELYSIUMSECURITY PROVIDES HIGH LEVEL EXPERTISE GATHERED THROUGH YEARS OF BEST PRACTICES EXPERIENCE IN LARGE INTERNATIONAL COMPANIES ALLOWING US TO PROVIDE ADVICE BEST SUITED TO YOUR BUSINESS OPERATIONAL MODEL AND PRIORITIES. ELYSIUMSECURITY PROVIDES A PORTFOLIO OF STRATEGIC AND TACTICAL SERVICES TO HELP COMPANIES PROTECT AND RESPOND AGAINST CYBER SECURITY THREATS. WE DIFFERENTIATE OURSELVES BY OFFERING DISCREET, TAILORED AND SPECIALIZED ENGAGEMENTS. ELYSIUMSECURITY OPERATES IN MAURITIUS AND IN EUROPE, A BOUTIQUE STYLE APPROACH MEANS WE CAN EASILY ADAPT TO YOUR BUSINESS OPERATIONAL MODEL AND REQUIREMENTS TO PROVIDE A PERSONALIZED SERVICE THAT FITS YOUR WORKING ENVIRONMENT.