Sophos' Phish Threat Test can help organisations to eliminate or reduce the impact of the largest attack vector – people.
Sophos says it educates and tests an organisation's end users through automated attack simulations, quality security awareness training, and actionable reporting metrics, and facilitates a positive security awareness culture.
Sophos acquired the Phish Threat technology in late 2016 from penetration test and risk assessment consultancy Silent Break Security. It has since integrated the product into the Sophos Central platform.
Brady Bloxham, founder and former chief executive of Silent Break Security, said, “I noticed a discrepancy between the way cyber attacks were being conducted in the wild and what the private sector was calling a 'penetration test'.
“We built Phish Threat to replicate the mindset of a real attacker, using the complicated methods and techniques in use today. This means assessments are modelled after potential attacks that organisations may face from real hackers. We also wanted to make it more transparent and easier for IT to collate and analyse results – something we hadn’t found in other tools.”
Bill Lucchini, senior vice-president and general manager for the Sophos Cloud Security Group, said, “Phishing has evolved in lockstep with the 'malware-as-a-service' phenomenon. For years, criminals have disguised attacks in email, and today SophosLabs sees phishing emails as a primary delivery method for ransomware payloads.
“Preventing users from succumbing to phishing attacks can seem like an uphill battle. However, with Sophos Phish Threat, IT managers now have sophisticated, integrated threat intelligence that combines the strength of Sophos security technologies with a product that tests, trains and analyses human vulnerabilities. This creates a very powerful solution for businesses struggling to keep ahead of organised cybercrime and unwary end-users,” he added.
Sophos says that phishing training allows IT managers to more effectively address threat prevention by targeting risky user behaviour and creating a stronger security culture across an organisation.
While Sophos does not advocate it, “name and shame” of repeat offenders is a proven method to quickly change human behaviour, provided it is accompanied by equally achievable “fame” awards.
Mike Morrison, founder of RapidBi, is a change management specialist. He says “name and shame” puts the person on notice and should improve behaviour, but it has to be done in such a way that it does not publicly humiliate them.
He adds that in important cases you have only two choices: “change the people, or change the people”. He says that you need to “train them” so that they change. Unfortunately, by this time it is often too late. So, if coaching and training does not change your people… you need to “change your people”.