Phishing for Christmas!
For many years, cybersecurity authorities have observed that phishing is the most prevalent initial enterprise attack vector. Employees just keep clicking. Technology has failed to compensate. Security awareness and training efforts aspiring to stop the clicks have either failed miserably, achieved too little, and/or only changed behavior temporarily.
The goal of this meeting is to turn participants into effective advocates as to what must be done to transform enterprise employees from cyber fodder to cyber warriors. For this meetup, we will be using a “Round Table” format where our moderator, Eirik Iverson, will guide the discussion. If you have a “Phishing Story” you’d like to tell, add a comment to this meetup discussion at URL:
Eirik will contact you for more information. With only Monday-Friday until this meetup, please make contact soonest. Call 703-402-4379 to talk with Eirik if you choose not to use our Meetup.
During our last meeting, we laughed a lot when we decided on our 3 December topic. We agreed to share in depth our open source collective experiences dealing with phishing emails. As risk mitigation planners and practitioners, we will explore and discuss the challenges that organizations have encountered with effectively stopping the clicks. What works, what doesn’t, and what’s missing? And to provide us all greater context for the magnitude of clicking consequences, participants will help enumerate those typical cyber resources that exist directly and indirectly because of the clicks.
We are very fortunate to have Eirik Iverson moderate our round table discussion on this subject. Eirik has been in cybersecurity product management for over 20 years with responsibilities in many of our arenas. His presentation on “Deconstruct Past Attacks to Better Plan for New Ones” served as the catalyst for very interesting discussions during our previous meeting. We focused on a simple question. Do common, successful attack vectors reveal better ways to contend with the human element and ineradicable technical uncertainties permeating our defenses? We began to conceptually deconstruct attack vectors to try to better answer such questions together.
REGISTER at http://www.meetup.com/NCR-Risk-Management-Framework-Lifeboat/ SOONEST. You’ll find the practical information for our LifeBoat group meeting there. You can also tell other folks that they can easily get information and RSVP by starting on our ISSA Northern Virginia (NOVA) home page at http://nova.issa.org/ .
If anyone decides against using a free Meetup account, they are welcome to call 703-402-4379 to RSVP and get the practical details (where, when, and free parking). They can also optionally request to be added to our BCC email distro list. HOWEVER, many valuable RMF LifeBoat files are posted on our meetup for download by our Meetup group members