One Article Review
| Source |  ProofPoint |
|---|---|
| Identifiant | 8393773 |
| Date de publication | 2023-10-10 07:16:32 (vue: 2023-10-10 15:07:18) |
| Titre | Au-delà du statu quo, partie 1: le rôle vital des menaces de renseignement dans la sensibilisation à la sécurité Beyond the Status Quo, Part 1: The Vital Role Threat Intelligence Plays in Security Awareness Education |
| Texte | Welcome to the first installment of a three-part blog series that is focused on how to inspire engagement in security awareness for both users and practitioners. It will also explore creative techniques you can use to build a security culture that go beyond traditional security awareness training. Cybersecurity Awareness Month is an excellent time to rejuvenate your security awareness program. But how can you sustain the momentum of Cybersecurity Awareness Month beyond October? Try adding threat intelligence to your program. It can personalize and invigorate your curriculum for your users. Integrating threat intelligence into security awareness seems intuitive-and many practitioners claim to do it. But data suggests otherwise. Research Proofpoint conducted for our 2023 State of the Phish report found that while 75% of businesses faced business email compromise (BEC) attacks, a mere 31% trained their users about this threat. This indicates that while many businesses are aware of emerging threats, they struggle to weave this information into their training modules. This blog post delves into best practices for using threat intelligence to raise security awareness with users. It includes insights from a customer session we held during Proofpoint Wisdom 2023 entitled “Utilizing Threat Intel to Design a Program that Works.” During that session, I spoke with Andrew Munson, senior manager of information risk management and governance at McDonald\'s Corporation, and Shaun Holmberg, IT security analyst at Commercial Metals Corporation. Both provided insights into how they infuse threat intelligence into their global security awareness initiatives. Understanding threat intelligence Threat intelligence is the knowledge and analysis of cyber threats and vulnerabilities that can pose a risk to a business. This information includes details about the attack lifecycle, network architecture vulnerabilities and which users are being targeted. The intel should also provide details of the risk level or the consequential impact that a successful cyber attack may have on a business. This information can be gathered from various sources. According to Shaun and Andrew, examples of optimal sources for intelligence are: Research reports. These resources include, but are not limited to: State of the Phish from Proofpoint Verizon\'s Data Breach Investigations Report (DBIR) FBI Internet Crime Report (Internet Crime Complaint Center) Coalition\'s Cyber Claims Report Security feeds. Proofpoint threat intelligence services, Rapid7 and Cyber Reasons are examples of providers of these feeds. Incident reports from products. These reports include Proofpoint Targeted Attack Protection reports, Proofpoint Closed Loop Email Analysis (CLEAR) and other reports related to the penetration testing of a company\'s infrastructure. Why is threat intelligence crucial for a security awareness program? Let\'s dive deeper into this subject using insights from the recent discussion with Andrew and Shaun. Making threat intelligence actionable At McDonald\'s, Andrew works with departments across the globe. Each region has its own requirements and is targeted with threats specific to an office. This is where working with a resource like the Proofpoint threat intelligence service team can create significant benefits for security teams. Andrew described how working with our team gives him an advantage. He said the Proofpoint threat intelligence service team can analyze data across the globe to correlate attacks that may be affecting a single region. For example, they can recognize a targeted attack specific to Germany, which differs from an active attack they\'ve identified targeting Austria. Andrew said he uses this data to build separate simulations that mimic the active attack for each region and launches an auto-enrollment training session tuned to recognizing the attack indicators. He can also provide resources like notifications or informative newsletters, all within the region\'s native l |
| Notes | ★★ |
| Envoyé | Oui |
| Condensat | 2023 about accident according accordingly accuracy accuracy across actionable active actual adapt adaptive adding additionally administrator advantage affecting after against aggregate ahead all allows along also analyses analysis analyst analytics analyze analyzed analyzes andrew architecture are are: assessment assessments assessments attachment attachments attack attacks augment austria auto aware awareness back based bec because become becoming before behavior being benefits best between beyond big blog both breach breached break build business businesses but can case cause center chain changing claim claims classified clear click clicks closed coalition coming commercial communication communications companies company complaint comprehend compromise conduct conducted conducting consequential contact content corporation correlate create creative crime crucial culture current curriculum customer cyber cybersecurity daily data dbir deal deeper defenders defense degrees delves departments described design details determine develop differs discuss discussion discussions dive doesn down drive during each easier echoed education effectiveness efforts email emails email emerge emerging emphasized employee employees empower encourage end engage engagement enrollment ensure entitled essential evolves example examples excellent explore external faced fall fbi feedback feeds find first flexibility focused formal foster found four from full future gather gathered gauge generic germany gives global globe goal good governance great guide happening harvesting has have held help helping helps here him his hit holmberg home how identified identifies identify identifying immediate impact impactful implications important improve improved improvements incident include includes incorporating indicates indicators indifferent individual information informative informed infrastructure infuse initiatives insights insights inspire installment instance instead integrating intel intelligence intelligence interaction internal internet intuitive investigations invigorate isn is its just justify key know knowledge landscape language last latest launches launching learn let level life lifecycle like likely limited lines link links live loop lower make making malicious management manager many marketing materials may mcdonald measure measuring meet mentioned mere messages metals metric metrics microsoft middle mimic mistake mitigate modules momentum month monthly more munson native need needs network new newsletters next not noted notification notifications nuisance number october offering office once ongoing open optimal organizations original other others otherwise out outcome over overall own part participation penetration percentage personalize phish phishalarm phishing place plan plays point pointed points pose positions positive post potential power power practical practices practitioners proactive products program programs proofpoint proofpoint proponent protect protection provide provided providers qualitative quo raise ransomware rapid7 rate rate rate real reasons receive recent recognize recognizing recommend: reduce region reinforces rejuvenate relatable related relevance relevant remains remember replay report reported reporting reports report repurpose requirements research resource resources respond response responsibility results retain right risk risks role run said saves saw security see seek seems send senior sent sentiment separate series service services session shared shaun shaun: should significant simulation simulations single situation smaller solution some someone sources spam spear specific spoke stance state static; status stay steps strategies struggle studies subject success successful suggests summary surge sustain tailor take takeaways tap targeted targeted targeting team teams techniques testing tests tests them themselves there these they threat threats three time to: too total toward track traditional trained training trainings training trends tricked try tuned turn |
| Tags | Ransomware Data Breach Vulnerability Threat Studies |
| Stories | |
| Move | 
|
L'article ne semble pas avoir été repris aprés sa publication.
L'article ne semble pas avoir été repris sur un précédent.