The 2019 Verizon Data Breach Investigations Report suggests 96% of breaches involve phishing emails. In 2018 the report suggested that 78% of employees can go a whole year without clicking on a phishing email, but that 4% of employees will click on everyone one. With hundreds of thousands of people working in financial institutions around the country, we have a high potential level of risk. Cybercriminals have also weaponized tools into phishing emails that can compromise our systems and take over control. Phishing campaigns have been automated and are distributed as a service “crime-as-a-service” to other cybercriminals looking for repeatable processes to conduct mass-scale phishing campaigns. Considering the high probability of people falling victim and the damaging destruction phishing can cause, it positions phishing as a digital weapon of mass destruction.
This discussion will highlight the advancements in cybercrime and social engineering that are targeting our people's resources. Best practices will be discussed for processes necessary to improve the weakest links in our institutions. With a reliable process, we can measure the level of risk and implement effective risk mitigating controls.
This presentation will cover the following areas/topics:
- Trends in Cyber Security Attacks
- Social Engineering – what you need to know
- Latest Phishing Scams
- Logical controls to reduce risk around people
- Creating positive cybersecurity culture
- Deploying continual and ongoing educational programs
- Unique ideas on educating people
- Automated phishing tests
Target Audience: information security officer, IT manager, risk officer, internal auditor, and executives looking to understand expectations around business continuity risks.
This program qualifies for the following CPE Credits through the SBS Institute: 1.5 CPEs*: CBBCP, CBSM, CBVM
Presenter: Eric Chase, SBS CyberSecurity, LLC
Recording available through: June 26, 2021