Human Centred Threat Intelligence
Phishing emails are constantly improving. Are your employees aware of these advanced phishing attacks and are they able to recognize phishing emails? If you are targeted by an advanced phishing attack, how will your organization respond and what can you do to improve your Human Centred Threat Intelligence?
Phishing
Phishing attacks have become one of the major threats to the IT systems of enterprises. Phishing is one of the success factors of Advanced Persistent Threats (APT). We have probably all dealt with phishing attempts, emails coming from a ‘Nigerian prince’ or a long lost ‘relative’ offering you a tremendous amount of money.
These examples are easily filtered nowadays, as the effectiveness of spam filters has greatly increased over the years. Even if such a phishing attempt does get through to your inbox, it is probably easily identified by you.
These phishing attempts are also called ‘mass-phishing’ emails, phishers send out thousands of messages hoping that the small percentage of people who click will earn them money. However, phishers nowadays have found a more sophisticated way of phishing; ‘spear-phishing’.
With spear-phishing phishers put a lot of effort in crafting their emails to make them look legitimate, winning your trust and making you do anything they want you to do.According to Gartner, 3.6 million clients in the U.S. alone had lost capital due to phishing attacks. The losses reached up to approximately U.S. 3.2 billion per annual. Fortunately every year enterprises invest billions of dollars in enhancing their Cyber Security.
Do you know how your organization will respond to such targeted phishing attack?
Our Tailored Security Education Training and Awareness programmes
Organizations are often directly targeted with phishing emails by attackers. These attacks usually aim to trick an employee to disclose credentials or to share sensitive information. Besides resolving this challenge, organizations are now facing a second challenge. Attackers start abusing their brand name to gain trust at the companies’ most important segment: the customer.
Our tailored Security Education Training and Awareness programmes support organisations in improving their resilience against phishing attacks by emphasising psychological and cognitive factors of employees.
Why our Phishing Awareness Training?
Our “best in business award” winning personality based phishing awareness training is provided in a one on one classroom setting. Our training supports organizations in improving their resilience against phishing attacks by focusing on psychological and cognitive factors of their employees.
Psychological and Cognitive Profiling
Why are psychological and cognitive factors important in an phishing awareness training?
Every individual has different personality traits, level of security policy and general security awareness as well as different level of computer skills. Therefore, when training employees against phishing threats, it is important to identify their information needs and to understand how they react to malicious social engineering attacks.
To raise awareness against social engineering based phishing attacks it is important to identify employees with certain vulnerable personality traits and cognitive factors.
By doing so the executives can effectively select and train employees who may be at higher risk for phishing attacks.
Our cost effective and tailored security awareness trainings empowers organizations to raise efficiently Phishing Awareness of their employees. Research that won the Best in Business Award 2015-2016 of the Nyenrode Universiteit will extend this power to Your Organization!
Want to know more? Please visit our website at: http://www.phishingawareness.nl
Short version of the article on the website of Nyenrode (Dutch): http://newsroom.nyenrode.nl/bedrijven-moeten-meer-investeren-in-phishing-awareness
Short version of the article on the website of Nyenrode (English): http://newsroom.nyenrode.nl/cheaper-and-more-effective-phishing-awareness
Full version of the article on the website of BoardroomIT: http://www.it-executive.nl/images/uploads/downloads/BIT_3_2016_Security__Trust_defLR.pdf