My key takeaways
- ~40 threats/day in 2020 to take care of
- top 3 initial breach root causes
  - social engineering
  - unpatched software (>90% Java)
  - medium threat
- general mitigations
  - policies
  - tech. defenses
  - security awareness training
- Also educate your vendors about your AUP
- include a phishing mitigation section in your AUP
- paying everybody $1000/year who doesn’t fall for any phishing mail (real or simulated) is a lot cheaper than paying ransom to ransomware criminals
- anybody can be phished! more honey, less sticks
- reasons for cyber security insurance
  - limit the cost if hit by an incident
  - help you to recover as quickly as possible (to limit their costs)
- be aware of exclusions in cyber security insurance
Env
- Provided by KnowBe4
- Presenter: Roger Grimes