Why integrated phishing-attack training is reshaping cybersecurity—Microsoft Security

Phishing is still one of the most significant risk vectors facing enterprises today. Innovative email security technology like Microsoft Defender for Office 365 stops a majority of phishing attacks before they hit user inboxes, but no technology in the world can prevent 100 percent of phishing attacks from hitting user inboxes. At that point, your employees become your defenders. They must be trained to recognize and report phishing attacks. But not all training is equally effective.

This blog examines the current state of security awareness training, including how you can create an intelligent solution to detect, analyze, and remediate phishing risk. You’ll also learn about an upcoming event to help you get data-driven insights to compare your current phishing risk level against your peers.

A new reality for cybersecurity

The Chief Information Security Officer (CISO) at a modern enterprise must contend with a myriad of threats. The hybrid mix of legacy on-premises systems and cloud solutions, along with the proliferation of employee devices and shadow IT, means your security team needs a new and comprehensive view of phishing risk across the organization. Self-reported training completion metrics don’t provide insights into behavior changes or risk reduction, leading CISOs to distrust these metrics. Improvement in employee behavior becomes difficult to measure, leaving them anxious about whether employee behavior has improved at all.

Many information workers view security awareness training as a tedious interruption that detracts from productivity. Often when an employee is compromised during a simulated attack, they find the ensuing training to be punitive and navigate away from the training as if nothing happened. Worse, simulations are often out of context and don’t make sense for the employee’s industry or function.

People-centric protection

Making secure behaviors a part of people’s daily habits requires a regular program of targeted education combined with realistic simulations. That means regular breach and attack simulations against endpoints, networks, and cloud security controls. Microsoft Defender for Office 365 now features simulations to help you detect and remediate phishing risks across your organization. Attack Simulation Training in Microsoft Defender for Office 365, delivered in partnership with Terranova Security, helps you gain visibility over organizational risk, baseline against predicted compromise rates, and prioritize remediations. To learn more about this capability, watch the product launch at Microsoft Ignite 2020.

Terranova Security employs a pedagogical approach to cybersecurity, including gamification and interactive sessions designed to engage users’ interest. The simulations are localized for employees around the world and follow the highest web content accessibility guidelines (WCAG) 2.1. You will be able to measure employee behavior changes and deploy an integrated, automated security awareness program built on three pillars of protection:

  • Simulate real threats: Detect vulnerabilities by using real lures (actual phishing emails) and templates, training employees on the most up-to-date threats. Administrators can automate and customize simulations, including payload attachment, user targeting, scheduling, and cleanup. Azure Active Directory (AAD) groups automate user importing, and the vast library of training content enables personalized training based on a user’s vulnerability score or simulation performance.
  • Remediate intelligently: Quantify your social engineering risk across employees and threat vectors to accurately target remedial training. Measure the behavioral impact and track your organization’s progress against a baseline compromise rate. Set up automated repeat offender simulations with the user susceptibility metric and add context by correlating behavior with a susceptibility score.
  • Improve your security posture: Reinforce your human security system with hyper-targeted training designed to change employee behavior. Attack Simulation Training in Microsoft Defender for Office 365 provides “nano learnings and micro learnings” to cater to diverse learning styles to reinforce awareness.

Check your threat level

Coinciding with National Cyber Security Awareness Month (NCSAM), Terranova will release the results from the Terranova Security Gone Phishing Tournament™ at the end of October. This popular event helps security leaders get an up-to-the-minute picture of their organization’s phishing click rate. Terranova launched this campaign back in August, supplying a free phishing simulation to its applicants and enabling them to benchmark themselves against their peers with accurate click-rate data for comparison.

Co-sponsored by Microsoft, the Terranova Security Gone Phishing Tournament uses an email template from Attack simulation training—a new capability of Office 365 ATP releasing later this year—that acts as an intelligent social engineering risk management tool using context-aware simulations and targeted training.

To learn more about Microsoft Security solutions, visit our website. Bookmark the Security blog to keep up with our expert coverage on security matters. Also, follow us at @MSFTSecurity for the latest news and updates on cybersecurity.