Beyond Phishing Training – Technical Controls to Increase Resilience

Beyond Phishing Training – Technical Controls to Increase Resilience

Phishing continues to be one of the most frequent attack vectors for credential harvesting and ransomware. AV/EDR will detect some of the payloads, and filters may detect many phish, but some users will still click, and modern phishing schemes are becoming more sophisticated. Knowing all it takes is one user to have a significant breach/event, how should teams look at phishing training and what else can be done to prevent the phish from getting through? This session explains:

• How phishing has become more sophisticated (e.g., OAuth spoofing) and how to help the SOC detect it
• What phishing training should, and shouldn’t, look like
• Metrics to measure that make a difference
• Controls to put in place like malware sandboxing and quarantine, as well as DMARC, DKIM and SPF
• How to refine your phishing prevention and detection processes and strategies

Audience

This event is for IANS clients and invited guests — there is no vendor sponsorship or presence.