What are some effective solutions for phishing attacks outside of awareness training?

Security & GRC Data Privacy & Protection

585 views1 Upvote8 Comments

Sort by:

Head of IT and Security in Finance (non-banking)4 years ago

I've been using Forcepoint mail filter... but awarness is still the best solution.

CISO in Software4 years ago

Implementation and adoption of malicious email detection and blocking in email systems

CEO, MSSP - High Assurance Cybersecurity SOC in Services (non-Government)4 years ago

Phishing is as much a technical issue as it is training. We all know why training is necessary... the sophistication of phishing attacks however beats how well we are trained and if we retained what we learned. So, think Defense in depth - edge to core solutions all hopefully working in tandem. But then you have the issues of remote work, cloud environments, and Starbucks wi-fi computing. The greatest impact we see comes from XDR (EDR and EPP included) monitoring and response solutions that are behavior-based with threat intelligence working at the speed of attack. Unexpected abnormal activities are identified as they happen and addressed in a form of appropriate and automated responses. I can explain the mechanics in gory detail, please reach out directly.

Director of IT in Software4 years ago

I've used KnowBe4 phishing tests and found them easy to execute. Office365 has a new option that allows you to simulate various attacks but it requires higher end-user license

Senior Director, Technology Solutions and Analytics in Telecommunication4 years ago

There are a few solutions out there today using machine learning and AI that go through every single email, but it's still not good.

1 2 Replies

no title4 years ago

The Microsoft one doesn't work. I've tried it. We're using Armorblox, and it works pretty well. They're a startup.

no title4 years ago

The built-in stuff doesn't work. We're using Material Security on our side, and it's done a very good job. But as an ingress point in organizations, I still think the biggest weakness is the humans. Humans are still the weakest link.<br><br>The security space is funny, because most companies get acquired. It's a fast turn: there are brilliant ideas, and then they get rolled into something else. A lot of the time, the technology gets killed as a part of the acquisition process. These innovative ideas end up as a piece of something else that's mismanaged and then they’re not particularly innovative once they’ve been acquired. I love the security space, but I'm somewhat cautious there because I wonder, how long are you going to be around?

Content you might like

With AI adoption accelerating across enterprises, what do you view as the top information security challenge that leaders should address? How can CISOs, VPs and Director’s align governance, risk and security investments to enable AI innovation without creating new exposures?

If two RFP bids are neck-to-neck on core requirements, which factor becomes the ultimate tie-breaker?

Proven outcomes – Documented success stories and measurable KPIs35%

Implementation confidence – Detailed plan, risk mitigation, and resource readiness48%

Total cost – Clear TCO, price protections, and exit terms39%

Innovation & future readiness – Ability to scale, adapt, and support emerging needs13%

Vendor relationship strength – Cultural fit, governance model, and executive commitment12%

View Results

Which tech conference do you intend to attend in person next year or have already participated in this year, and what motivated your choice?

Has anyone drafted an SOW for a cloud-based SIEM with setup, migration, and maintenance? I’m working on a FedRAMP-authorized SIEM SOW, migrating from on-prem Splunk, covering data, searches, alerts, dashboards, and models. Scope includes Environment Setup: Cloud provisioning, configuration, testing. Connectors/Parsers: Custom data source integration. Content Development: Rules, use cases, threat feeds. Performance Tuning: Query/index optimization. Runbooks: Operational procedures. Also required: 24x7 support, maintenance, lifecycle and application management, role-based training, and documentation. Must comply with NIST SP 800-53, CJIS, and FedRAMP Moderate+. Goal: Secure, scalable SIEM for rapid deployment. I may be missing elements, so suggestions are welcome. Please share redacted SOWs or tips if possible.

How likely is an organization to have misconfigured multi-factor authentication (MFA) settings?

Very likely6%

Likely42%

Somewhat likely23%

Somewhat unlikely14%

Unlikely10%

Very unlikely2%

Unsure

View Results

What are some effective solutions for phishing attacks outside of awareness training?

Sort by:

Content you might like

With AI adoption accelerating across enterprises, what do you view as the top information security challenge that leaders should address? How can CISOs, VPs and Director’s align governance, risk and security investments to enable AI innovation without creating new exposures?

If two RFP bids are neck-to-neck on core requirements, which factor becomes the ultimate tie-breaker?

Which tech conference do you intend to attend in person next year or have already participated in this year, and what motivated your choice?

How likely is an organization to have misconfigured multi-factor authentication (MFA) settings?

What sets us apart?

RELATED ONE-MINUTE INSIGHTS

How are U.S. CISOs Addressing Liability Risk?

CrowdStrike Outage: Impact And Recovery

Impact & Perceptions of A Privacy-First Digital Era

Challenges & Tools For A Privacy-First Internet Age

IT and Infosec Collaboration on Vulnerability Patching

Take Your Insights On-the-Go