Typically, when we talk about “insider threats”, we immediately think of the malicious insider. But the prevalence of external attacks over the last few years has created an evolution of tactics by threat actors that results today in the use of social engineering tactics designed to get an insider to do the “dirty work” rather than the threat actor needing to gain access, persistence, stealth, etc.
Business Email Compromise, impersonation, vishing, and use of deep fake technology all aid in creating the illusion of legitimacy for the victim, changing their role from one who helps keep the organization secure to one assisting threat actors with their desired malicious actions.
So, what specific attacks leverage social engineering, what tactics are used, and how can you spot them before damage is done?
In this real-training-for-free session, Microsoft MVP and cybersecurity expert Nick Cavalancia takes my seat and will take a closer look at insider threats, specifically focusing on those enabled by social engineering tactics. Nick will provide:
- An overview of insider threats today
- Details on the role of social engineering in insider threat attacks
- Insight into the importance of the human element of cybersecurity
- A view of these attacks using the MITRE ATT&CK Framework
Nick will be joined by Dr. Christine Izuakor, CEO Cyber Pop-up, PhD Security Engineering, CISSP, CISM, who will discuss the latest trends in social engineering tactics, providing real-world examples and insight into:
- CEO Fraud attacks
- BEC attacks targeting Microsoft 365
- Use of Deep Fake technology
- Current spearphishing attacks.
Dr. Izuakor will also discuss what aspects of human behavior and types of security solutions can be used to prevent, detect and respond to these kinds of insider attacks.
This real training for free event will be jam packed with technical detail and real-world application. Register today!