How To Protect Your Organisation From A Phishing Attack

Size: px

Start display at page:

Download "How To Protect Your Organisation From A Phishing Attack"

Lewis White
5 years ago
Views:

1 PRESENTED BY Ray Dalgarno Empowering the Human Element within the Security Eco-system

2 Agenda Phishing General Background Why Phish5 Phish5 Service - Features & Functionalities Q&A Live demonstration (post presentations)

3 Phishing & Spear Phishing Phishing refers to s utilising a shotgun, indiscriminate approach. Designed to trick recipients into opening attachments which have malicious code embedded, submitting credentials or visiting a website which hosts malicious code Spear Phishing aims are similar to Phishing but are in an increasingly sophisticated & targeted form that, to the recipient, appears to come from a legitimate, trusted source

credentials or visiting a website which hosts malicious code Spear Phishing aims are similar to Phishing but

4 No-one is Safe USA - White House systems USA retailers - Target, Home Depot Sony Pictures NATO Conference Wales (October 2014) Chartered Institute for Securities and Investment

5 UK Cyber Security 90% of large businesses & 74% of smaller ones surveyed suffered a cyber security attack in 2014 the average cost of a breach to business has increased dramatically since 2014, 75k - 311k Cost to SMB organisations 1.46m m Cost to larger organisations PWC-Information Security Breaches Survey 2015

business has increased dramatically since 2014, 75k - 311k Cost to SMB

6 Distribution of Spear-Phishing Attacks Small & Medium Businesses Employees 34% 30% Large Enterprises 2,500 + Employees 41% 39% Symantec Internet Security Threat Report Vol

Large Enterprises 2,500 + Employees 41% 39% 2014

7 Growing International Exposure +/-100 International Banks (est. losses to-date 650M) Inga Beale, CEO Lloyds of London UK companies lose up to 268 million per year the situation is only worsening CMI online 07 April 2015 New data protection laws being finalised in the EU general Only 14% data of breaches breach publicly notification declared obligation, however (PWC Survey) European Data Protection Supervisor, Giovanni Buttarelli April 2015

situation is only worsening CMI online 07 April 2015 New data protection laws being finalised in the EU

8 Verizon Global Breach Statistics 70 contributing organisations; CERT UK, CERT EU, US Secret Service, A.F.P 61 countries represented; U.K, U.S.A, Japan 70% of attacks included a secondary victim Hackers gain access to a secure environment via a less secure environment

9 Phishing Breach Acceleration 82 seconds from start of phishing attack to first bite 90% chance or greater that at least 1 person will become the phishing criminals prey Verizon Breach Report 2015

10 Aberdeen Group Report Want to significantly reduce your organisation s IT security-related risks? - Change the behaviour of your end-users Before-and-after click rates show that investment in user awareness and training reduces infections (breaches) from user behaviour by 45% to 70% The last mile in IT security Changing User Behaviours Oct 2014

- Change the behaviour of your end-users Before-and-after click rates show that investment

11 Vulnerabilities Growth Rate National Institute of Standards and Technology US Dept of Commerce Feb 2015

12 Cyber-Security Environment 9 Threat Platforms listed; from the Internet of Things to BOTS, 4 of these 9 platforms identified for phishing attacks 3 Security Effect levels; Use simulated attacks to Harden Defences, improve readiness: Conduct Enhance Detection, regular internal and Reduce Impact external penetration tests that mimic an attack 20 Priorities; From Inventory of Authorised and Unauthorised devices to Penetration Testing The Council on Cybersecurity - 20 Critical Security Controls

regular internal and Reduce Impact external penetration tests that mimic an attack 20 Priorities; From Inventory of Authorised and

13 Why Phish5 On demand scalability in a highly secure, cloud service Developed by a dedicated team lead by respected international cyber-security consultants Ease-of-use by non-technical people Campaigns executed by customer or business partner

international cyber-security consultants Ease-of-use by

14 Why Phish5 Rapid phishing attack simulation = Pro-Active Immediate management awareness leads to training & other remedial action Enhances existing security immediately Global customers experiences in both the public and private sectors Highly competitive pricing - Great value for money

existing security immediately Global customers experiences in both the

15 Phish5 Features MS Office Macro based campaigns: Know which users open attached Office documents & enabled macros Campaign Scheduling: One or many campaigns in staggered launches Schedule campaigns launching to the second Mx Over-ride: Bypass message filtering provider such as Mimecast & Messagelabs

many campaigns in staggered launches Schedule campaigns launching to the

16 Phish5 Features cont. PDF reporting: Flexible PDF reporting at the click of a button having the ability to fine-grain reports User management: Easily tag and target groups of users e.g. HR, Sales, Legal, Management, Divisions, Branches, Regions Anonymous Campaigns: Know the number of users that were caught, with all of the supporting campaign info, without identifying individual users

17 Phish5 Features cont. Template options: HTTPS-based phishing sites DKIM backed sender domains Different lures for different user groups Staggered Delivery: Avoid alerting through every office phone beeping at once Browser and plug-in vulnerabilities: Interrogates the status of each client-side machine attacked and reports by vendor/product and release

for different user groups Staggered Delivery: Avoid alerting through every office phone

18 Phish5 Example Pie Charts Vulnerable browser distribution Vulnerable plug-in distribution

19 Activity Monitoring & Reporting Real-time Dashboard Summary and Detail reporting Statistical graphs and charts 10 users - opened attachments 50 users - provided credentials 49 users - vulnerable to browser or plugins issues 7 users - been previously phished

attachments 50 users - provided credentials 49 users -

20 Activity Monitoring & Reporting

21 Unique / In House Phish5 Package Code build; development & on-going maintenance costs, people dependency Skilled knowledge typically required for changing attack profiles Attack execution needs skilled staff availability Phish5 research and development costs spread over multiple users globally, cross-industry experiences Industry recognised templates with easily customisable lures or messages Immediate availability you execute when you wish as often as you wish Quantifiable campaign measurements with comprehensive reporting

22 Free Assessment. To all participants in today s Kingston Smith Cyber Event We are pleased to offer a free, 50 user account From a single 50 anonymous baseline campaign to a number of smaller campaigns your choice Test the Phish5 range of options your choice Register interest at Insert words KS Cyber Event in the Message block

23 Empowering the Human Element within the Security Eco-system.. Ray Dalgarno Thank you.

CYBER SECURITY AND RISK MANAGEMENT. An Executive level responsibility

CYBER SECURITY AND RISK MANAGEMENT An Executive level responsibility Cyberspace poses risks as well as opportunities Cyber security risks are a constantly evolving threat to an organisation s ability to