The 2017 Verizon Data Breach Investigations Report suggests 93% of breaches involve social engineering. In 2018 the report suggested that 78% of employees can go a whole year without clicking on a phishing email, but that 4% of employees will click on everyone one. With hundreds of thousands of people working in financial institutions around the country, we have a high potential level of risk. Cybercriminals have also weaponized tools into phishing emails that can compromise our systems and takeover control. Phishing campaigns have been automated and are distributed as a service “crime-as-a-service” to other cybercriminals looking for repeatable processes to conduct mass scale phishing campaigns. Considering the high probability of people to fall victim and the damaging destruction phishing can cause, it positions phishing as a digital weapon of mass destruction.
This discussion will highlight the advancements in cybercrime and social engineering that are targeting our people resources. Best practices will be discussed for processes necessary to improve the weakest links in our institutions. With a reliable process, we can measure the level of risk and implement effective risk mitigating controls.
- Trends in Cyber Security Attacks
- Social Engineering – what you need to know
- Latest Phishing Scams
- Logical controls to reduce risk around people
- Creating positive cybersecurity culture
- Deploying continual and ongoing educational programs
- Unique ideas on educating people
- Automated phishing tests