Explore a comprehensive conference talk on the critical importance of implementing phishing simulations as part of an organization's security awareness program. Delve into facts, techniques, and a real-world case study that demonstrate why this practice is essential for modern security strategies. Learn about various threat vectors, the financial impact of breaches, and the evolving demographics of the workforce. Discover how to establish an effective phishing program, including setting up training modules, selecting phishing domains, analyzing statistics, and handling repeat offenders. Gain insights on conducting cyber assessments, whitelisting domains, and executing your first phishing attack. Examine the results of such programs and explore additional fishing controls to enhance your organization's overall security posture.
Overview
Syllabus
Introduction
Threat vectors
Fishing
Exploits
Breaches
Alarms
Costs
Quick justification
The total cost
Credential losses
Business email losses
Security awareness programs
Security software
Security doesnt matter
Shifting demographics
Generation X
Training from top to bottom
Sample questions
Reporting
Training Modules
Domains for the Fish
Statistics for the Fish
Repeat Offenders
Global Availability
Gartner Magic Quadrant
Your Network
Establish a Plan
Cyber Assessment
Training URL
Announcement URL
Cybersecurity Assessment Module
Whitelisting Your Domains
First Phishing Attack
Schema Fight
Results
Other Fishing Controls
Final Thoughts
Taught by
RSA Conference
