Appropriate venue to find out about the state of art of spear phishing defense?
I know this is only tangentially relevant to nanog, but I'm curious if anybody knows where I can ask what orgs do to combat spear phishing? Spear phishing doesn't require that you deploy DMARC since you can know your own policy even if you aren't comfortable publishing it to the world. tia, Mike
We use KnowBe4.com's user training. That's really the only way you can fight this, since its a human problem, not a technical one. These guys provide fully automated, AI based (well, who knows what that means) simulated phishing attacks, largely to give users real-world practical experience detecting and fending off attacks. You get a report card on each users to, so you know where the weaknesses are in your staff knowledge. Their training regimen includes some pretty good self-guided instructional videos. DMARC, SPF, digitally-signed emails, encryption, none of that matters if a user can be tricked into letting the crooks in the front door. -mel ________________________________ From: NANOG <nanog-bounces+mel=beckman.org@nanog.org> on behalf of Michael Thomas <mike@mtcc.com> Sent: Monday, November 13, 2023 11:40 AM To: nanog@nanog.org <nanog@nanog.org> Subject: Appropriate venue to find out about the state of art of spear phishing defense? I know this is only tangentially relevant to nanog, but I'm curious if anybody knows where I can ask what orgs do to combat spear phishing? Spear phishing doesn't require that you deploy DMARC since you can know your own policy even if you aren't comfortable publishing it to the world. tia, Mike
On 11/13/23 12:29 PM, Mel Beckman wrote:
We use KnowBe4.com's user training. That's really the only way you can fight this, since its a human problem, not a technical one. These guys provide fully automated, AI based (well, who knows what that means) simulated phishing attacks, largely to give users real-world practical experience detecting and fending off attacks. You get a report card on each users to, so you know where the weaknesses are in your staff knowledge. Their training regimen includes some pretty good self-guided instructional videos.
DMARC, SPF, digitally-signed emails, encryption, none of that matters if a user can be tricked into letting the crooks in the front door.
I think that both are needed, to be honest. The signatures can be a tool in the user's arsenal but if they are clueless and gullible there isn't much you can do about that. Mike
participants (2)
-
Mel Beckman
-
Michael Thomas