PREDI C TI VE I NTEL L I GE NC E
Until human nature changes (don’t hold your
breath) phishing attacks that target unwary
people will be a headache.
Operational Risk Consultant. “At the
end of the day, if we have a breach it’s
probably going to have stemmed from
some sort of phishing attack.
“When our regulators or clients are
asking us, ‘What did you do to prevent
this?’ it’s important to feel confident
that we have an anti-phishing program
in place.”
www.intelligentciso.com
|
Issue 10
She noted that inbox behaviour is ‘easily
measurable’. It’s not hard to sustain a
phishing defence program because the
metrics are simple to gather and use to
demonstrate success. In fact, automation
makes it even easier, allowing program
managers to schedule a year’s worth of
simulations in a matter of minutes. Other
automated systems enable SOC teams
to filter and analyse reported emails
quickly, plus remove them from users’
inboxes when verified as threats. Those
are smart uses of technology. After all,
machines are great at saving time and
handling repetitive tasks, saving human
brains and intuition for critical decision-
making. But if you’re placing all your
bets on tech and neglecting the human
factor, it’s going to be a long, and very
phishy, year. u
35