KnowBe4 - CISA, NSA, FBI, and MS-ISAC Release Phishing Prevention Guidance

October 18, 2023, the Cybersecurity Infrastructure and Security Agency (CISA), the National Security Agency (NSA), the Federal Bureau of Investigation (FBI), and the Multi-State Information Sharing and Analysis Center (MS-ISAC) released a joint guide,   Phishing Guidance: Stopping the Attack Cycle at Phase One .
 
The joint guide outlines phishing techniques malicious actors commonly use and provides guidance for both network defenders and software manufacturers to reduce the impact of phishing techniques used in obtaining credentials and deploying malware.
 
CISA and its partners encourage network defenders and software manufacturers to implement the recommendations in the guide to reduce the frequency and impact of phishing incidents. For more information, see CISA’s   Malware, Phishing, and Ransomware   and   Security-by-Design and -Default   webpages.
 
High on the list of mitigations, they recommend user training
 
"Implement user training on social engineering and phishing attacks [CPG 2.I]. Regularly educate users on identifying suspicious emails and links, not interacting with those suspicious items, and the importance of reporting instances of opening suspicious emails, links, attachments, or other potential lures. "
We could not agree more. Get a demo.


from KnowBe4 Security Awareness Training Blog https://blog.knowbe4.com/cisa-nsa-fbi-and-ms-isac-release-phishing-prevention-guidance

Comments

Popular posts from this blog

Krebs - NY Charges First American Financial for Massive Data Leak

KnowBe4 - Scam Of The Week: "When Users Add Their Names to a Wall of Shame"