Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

DRTV

Regular User Awareness Training Still the Best Security Tactic

50%
50%

Email continues to be the largest area of exposure for most organizations, and phishing emails lead the charge, according to Stu Sjouwerman, founder and CEO of KnowBe4. And while AI and machine learning can make a difference, these same tools are used by the bad guys, Sjouwerman adds. Regular, monthly trainings help reduce phishing click rates.

Comment  | 
Print  | 
Comments
Oldest First  |  Newest First  |  Threaded View
REISEN1955
50%
50%
REISEN1955,
User Rank: Ninja
3/7/2019 | 2:31:53 PM
Email rule
Easy: IF YOU DON'T NEED IT, DON'T READ IT, DELETE IT.    This would save about half the world. 
RyanSepe
50%
50%
RyanSepe,
User Rank: Ninja
3/8/2019 | 3:15:26 PM
Re: Email rule
Agreed, the worst thing I see is when a user isn't sure who a phish is supposed to go to so they forward it around the company. 
REISEN1955
50%
50%
REISEN1955,
User Rank: Ninja
3/12/2019 | 12:21:25 PM
Re: Email rule
Jackson county, Georgia - $400,000 ransomeware payment - gee betcha under education would have helped here.  Also having a competant IT department with a real backup and disaster recovery plan too.  
lakers85
50%
50%
lakers85,
User Rank: Strategist
5/3/2019 | 8:03:49 AM
Email Security Appliance
I would hope that most, if not all, SMB and large organizations would utilitze some form of an email secuirty appliance or software to help limit the number of phishing email entering the organization. Lets face it, how much training do end users actually receive on a yearly basis...let alone on a monthly basis.

At the end of the day, the human factor is the catch all and recognizing that you should 'not' click on that link is the ultimate security measure to prevent a breach. 
US Turning Up the Heat on North Korea's Cyber Threat Operations
Jai Vijayan, Contributing Writer,  9/16/2019
7 Ways VPNs Can Turn from Ally to Threat
Curtis Franklin Jr., Senior Editor at Dark Reading,  9/21/2019
Security Pros Value Disclosure ... Sometimes
Dark Reading Staff 9/19/2019
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win a Starbucks Card! Click Here
Latest Comment: I wish they'd put a sock in it.
Current Issue
7 Threats & Disruptive Forces Changing the Face of Cybersecurity
This Dark Reading Tech Digest gives an in-depth look at the biggest emerging threats and disruptive forces that are changing the face of cybersecurity today.
Flash Poll
The State of IT Operations and Cybersecurity Operations
The State of IT Operations and Cybersecurity Operations
Your enterprise's cyber risk may depend upon the relationship between the IT team and the security team. Heres some insight on what's working and what isn't in the data center.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2019-16706
PUBLISHED: 2019-09-23
kkcms v1.3 has a CSRF vulnerablity that can add an user account via admin/cms_user_add.php.
CVE-2019-16705
PUBLISHED: 2019-09-23
Ming (aka libming) 0.4.8 has an out of bounds read vulnerability in the function OpCode() in the decompile.c file in libutil.a.
CVE-2019-16703
PUBLISHED: 2019-09-23
admin/infolist_add.php in PHPMyWind 5.6 has stored XSS.
CVE-2019-16704
PUBLISHED: 2019-09-23
admin/infoclass_update.php in PHPMyWind 5.6 has stored XSS.
CVE-2019-16702
PUBLISHED: 2019-09-23
Integard Pro 2.2.0.9026 allows remote attackers to execute arbitrary code via a buffer overflow involving a long NoJs parameter to the /LoginAdmin URI.