
Breaking the Fraud Chain: Proactive Guidance for CISOs
In honor of Cybersecurity Awareness Month, IANS Faculty Aaron Turner discussed practical steps that individuals and organizations can take to prevent fraud, with a focus on breaking the chain of communication that malicious attackers rely on.
DOWNLOAD NOW: Cybersecurity Strategy Template
One recommendation is for individuals to never accept contact details at face value when prompted by an unsolicited email. Instead, Turner advises that individuals always verify the company's contact information independently rather than trusting what is shared in potential phishing emails. Watch the full video:
DOWNLOAD NOW: Modernize Your Phishing Program to Address Ransomware
Another security tip is specific to helpdesk professionals: if an end user calls claiming to need a password reset urgently, the proper process is to thank the caller, hang up, and then call them back using their verified number. This approach will prevent attackers from controlling the conversation and allows the organization to confirm if the request was legitimate.
READ MORE: 10 Cybersecurity Training Tips for Security Awareness Month 2025
Building such processes—both for individuals and at a corporate level—helps break the sense of urgency attackers try to create and ensures communications are verified before any sensitive actions are taken.
Subscribe to IANS Research YouTube Channel for more practical guidance from IANS Faculty members: youtube.com/@ians_research
Download our 2025 Security Software and Services Benchmark Report—and gain access to valuable insights and practical strategies for managing vendors and MSSPs, especially during periods of budget constraints.
Download the 2025 Security Organizational Design Benchmark Snapshot Report. This snapshot report of Fortune-500-size security organizational design is a preview of the full 2025 Security Organizational Design Benchmark Report, which helps CISOs refine their cybersecurity organizations by showing how top Fortune 500, large, and midsize companies structure security teams, allocate budgets for staffing, and set compensation levels for various management and individual contributor roles. It includes insights on team design, leadership positions, and pay ranges broken out by three distinct revenue and staffing clusters: contact us now to request the full report.
Although reasonable efforts will be made to ensure the completeness and accuracy of the information contained in our blog posts, no liability can be accepted by IANS or our Faculty members for the results of any actions taken by individuals or firms in connection with such information, opinions, or advice.