One Article Review
| Source |  ProofPoint |
|---|---|
| Identifiant | 8435147 |
| Date de publication | 2024-01-05 06:00:31 (vue: 2024-01-05 15:08:16) |
| Titre | 2023 Année en revue: versions de contenu axées sur les menaces pour la sensibilisation à la sécurité 2023 Year in Review: Threat-Driven Content Releases for Security Awareness |
| Texte | As a new year approaches, it is natural to reflect on recent accomplishments. At Proofpoint, we are reflecting on our work to deliver security awareness content and updated features in line with our ongoing goal to drive behavior change. Proofpoint Security Awareness integrates our rich threat intelligence, which means it taps into current and emerging attacks. Our threat analysts surface threat trends, such as artificial intelligence (AI)-enhanced vishing, malicious QR codes and remote IT support scams. And then we work quickly to release new training features and awareness material to ensure inform security administrators and educate employees about ever-evolving attacks. In 2023, our content releases focused on three areas: Delivering a threat-driven program Improving how security awareness administrators work Enhancing how people learn Let\'s review the past year and explore how Proofpoint used content releases to respond to the changing threat landscape. Image from AI Chatbot Threats training (play video). Quick turnaround for threat trends Proofpoint Security Awareness alerts customers to threats in two powerful ways-Threat Alerts and Attack Spotlights. It also continuously trains employees with threat-driven training modules. Threat Alerts These weekly releases focus on a specific and current ongoing attack. They explain what the threat is and who it might target. And they describe a specific lure, if applicable. Each alert is linked to activity that our threat analysts see happening in the wild. We recommend applicable training like simulated phishing and awareness material and include suggested email messaging. In 2023, we released Threat Alerts on: IRS-themed phishing lures for tax season (February, March, April) AI-enhanced vishing calls that impersonate loved ones (March) Malicious QR codes for credential phishing (May, August) Telephone-oriented attack delivery (TOAD) using a Geek Squad PDF lure (July, October) Charity donation scams around the Israel-Palestine crisis (October) Christmas party lures for credential phishing (November) Attack Spotlights These monthly releases cast a wider lens on attack types. They focus on a time-based or reoccurring threat that is expected to trend, typically related to holidays, travel seasons or shopping events. Each spotlight is released a month in advance with a campaign plan, awareness material and training modules, and is available in 12 core languages. In 2023, Proofpoint published these Attack Spotlight campaigns: Smishing with package delivery lures (February) Business email compromise (BEC) phishing with requests for quotations (RFQs) (April) LinkedIn phishing lures (May) Amazon phishing lures (June) Remote IT support scams (September) Gift card scams (December) Image from Attack Spotlight video (play video). Threat modules These training videos are relevant to the changing threat landscape. They are inspired by our threat intelligence and our team\'s threat landscape research. These micro-learning modules are grounded in learning science principles that are designed to drive behavior change. Each module has a concise and specific learning objective. The delivery of content is tailored to individual factors such as a person\'s role, learning style, vulnerability level and preferred language. In 2023, we covered these topics in our new threat training modules: Data loss protection AI chatbot threats Amazon phishing scams Cryptocurrency investment scams QR code dangers Multifactor authentication (MFA) Image from Threat Module video (play video). Staying ahead of generative AI attacks AI-powered systems are promoted as tools to help us work faster, and they are transforming businesses and industries. This wide-reaching access can create security risks from potential data breaches to concerns over user privacy. Your employees need to be aware of the limitations and risks of using AI-powered tools, especiall |
| Envoyé | Oui |
| Condensat | 2022 2023 2023: 27002:2022 360 365 ability about abused academic access accomplishments account across action activity actors adaptive add address administrator administrators adobe adopt advance advanced aesthetic after ahead aim ai chatbot threats alert alerts alignment also always amazon analysts analyzed animated animation answer anti applicable approach approaches april are area areas: around article artificial assess assessment assessments assign attachments attack attacks attacks august authentication automate available aware awareness awareness: badges based basic bec been behavior behind being beloved best better between bites brands breaches breaches browsing business businesses calendar calls calls campaign campaigns campaigns: can card cards carefully cartoons cast categorization certain chain chain change changing charity chatbot chatbots chatbots choose christmas cjis classic clear click clips cloud cloud code codes collection comedic commitment compliance comprehensive compromise concept concepts concerns concise connections content context contextual continued continuously controls conventional core could cover covered covers create credential criminal crisis crucial cryptocurrency curated current curricula curriculum customers cybersecurity daily dangerous dangers data data day december dedicated deeper degree deliver delivered delivering delivery demonstrate describe design designed destruction developed development difference difficulty dive docs docusign donation doxing drive driven drives duration each early ease easy educate education educational effective either email emerging emotions employees end engage engagement engaging engine enhanced enhancing ensure entry especially essential essentials evaluate events ever evergreen evolving example expanded expected experience explain explains explanation explore face factors failed faster feature features february file final find first fits flexibility focus focused for: format foundational four free from full game games gamified gauge geek general generative gift goal google great grounded guided guidelines habits hackers hall handling happening has help helps here heroes high highlighting holidays hook hooks how idea image imagery impact impactful impersonate impression improve improving include include: included: included: includes includes: including incorporate individual industries infographic inform information information informed initiative insider inspired instruction integrates intelligence interactive internet introduced investing investment irs iso/iec israel july june just justice key keyboard kit kit know knowledge landscape language languages last layering learn learners learning learning learn lengths lens lesson let level levels life like like: limitations line linked linkedin little live lives logo long look loss lot loved lure lures lures lures main make making malicious manual march material maximize may means medium message messaging methods mfa mfa micro microsoft might modern modular module modules modules: modules moment month monthly months more more motivate mouse move multifactor multiple nano natural need needs new news nist non note november now objective objectives october on: one ones ongoing operations optimization options oriented other out over package palestine part particular party past paths pdf people performance person personalized phil phish phishing physical plan plans plan play plus points poisoning possible post potential powered powerful pre preferred premium prepare prime principles privacy program program progress promoted proofpoint protecting protection protection proud providing public published punchy push question quick quickly quite quizzes quotations ransomware rapidly reaching real recent recommend reflect reflecting regulations reinforce reinforced reinforcing related relation release released releases relevant remote remove reoccurring report requests requires research resources re |
| Tags | Ransomware Tool Vulnerability Threat Studies Prediction Cloud |
| Stories | |
| Notes | ★★★★ |
| Move | 
|
L'article ne semble pas avoir été repris aprés sa publication.
L'article ne semble pas avoir été repris sur un précédent.