Blunting the Phisher's Spear - A Risk-Based Approach

Explore a groundbreaking approach to combating spear phishing attacks in this 27-minute Black Hat conference talk. Delve into the limitations of current cybersecurity training methods and discover a novel, risk-based strategy for enhancing organizational cyber resilience. Learn about the Suspicion, Cognition, Automaticity Model (SCAM) and how it informs the development of an employee Cyber Risk Index (CRI). Understand how this innovative approach can revolutionize user training, access management, and overall cybersecurity practices. Gain insights into the factors contributing to phishing victimization and explore ways to implement individualized, cognitive-behavioral training techniques. Examine the potential impact of evidence-based admin privilege allocation and discover how these paradigm-shifting solutions can significantly improve an organization's defense against sophisticated phishing threats.