Source URL: https://www.isc2.org/professional-development/webinars/thinktank
Source: ISC2 Think Tank
Title: The Evolution of Email Threats: How Social Engineering is Outsmarting Traditional Defenses
Feedly Summary: A staggering 74% of all breaches involve the human element, proving that cybercriminals are relentlessly exploiting users through sophisticated email-based social engineering attacks. While organizations have invested in email authentication, advanced threat detection, and security awareness training, attackers continue to adapt – leveraging techniques like Business Email Compromise (BEC), Telephone-Oriented Attack Delivery (TOAD), and benign conversation hijacking to infiltrate businesses. On April 24, 2025 at 1:00 p.m. Eastern/ 10:00 a.m. Pacific, join Proofpoint and ISC2 when we will explore: • How attackers manipulate human trust – why social engineering tactics like BEC, TOAD and email conversation hijacking continue to be effective. • The gaps in traditional email defenses – how attackers evade MFA, exploit supplier relationships, and impersonate trusted senders. • Best practices to reduce human-targeted risk – suggested tips and recommendations to integrate a holistic email security strategy. Don’t miss this exclusive discussion with industry experts to gain actionable insights into protecting your organization from today’s most advanced email-based threats.
AI Summary and Description: Yes
Summary: The text highlights the significant role of human factors in cybersecurity breaches, specifically through sophisticated email-based social engineering attacks. It emphasizes the ongoing adaptations by cybercriminals and the limited effectiveness of traditional security measures against these evolving tactics. For professionals in security and compliance, it underscores the necessity of a comprehensive email security strategy to mitigate risks.
Detailed Description: The content focuses on the critical issue of cyber threats that exploit human behavior, illustrating how attackers constantly adapt their strategies to compromise organizations. The upcoming discussion organized by Proofpoint and ISC2 aims to offer in-depth insights into this subject.
– **Human Element in Cybersecurity Breaches**:
– 74% of all breaches involve the human element, emphasizing the importance of user awareness and training.
– Cybercriminals utilize advanced techniques to manipulate users and exploit vulnerabilities.
– **Common Attack Techniques**:
– **Business Email Compromise (BEC)**: Fraudulent schemes that target legitimate business transactions.
– **Telephone-Oriented Attack Delivery (TOAD)**: Using phone calls as an attack vector to extract sensitive information.
– **Benign Conversation Hijacking**: Intercepting and manipulating ongoing communication threads to mislead and exploit individuals.
– **Challenges for Organizations**:
– Traditional email defenses often fall short; attackers find ways to bypass multi-factor authentication (MFA) and impersonate trusted contacts.
– Cybercriminals exploit supplier relationships to gain unauthorized access to sensitive information.
– **Recommendations and Best Practices**:
– Organizations should implement a holistic email security strategy incorporating advanced threat defenses and user education.
– The discussion will provide actionable insights and strategies to reduce human-targeted risks, highlighting the need for continuous training and adaptation of security measures.
This content serves as a crucial reminder for security and compliance professionals of the evolving nature of cyber threats and the importance of addressing the human element in cybersecurity strategies. It signals the necessity for ongoing education and enhancement of security protocols in order to stay ahead of potential threats.