Headlines in Cybersecurity: What States Should Know - Day 5 Phishing

The pace and impact of cyberattacks on government and critical infrastructure IT systems have accelerated over the past several years. Malware inserted into software platforms and widely distributed to customers; ransomware attacks taking down hospitals and local governments; hacks endangering water systems – all of these and many more show that our systems are under siege.

Join us for these five one-hour webinars spread over five days, as thought leaders from government at all levels and the contracting community focus each day on a specific aspect of the cyber threat environment and ways to more effectively respond and protect their most valuable assets – their data and IT systems.

Day 5: Phishing

Of all the security threats that face IT, phishing stands out because it is not an attack on the technology – it is “social engineering,” getting incautious users to click seemingly innocuous links or visit seemingly harmless websites and allowing hackers to steal user names, passwords, financial data, or other information they can use. Phishing also is one of the oldest tricks in a hacker’s book, pioneered in the mid-1990s.

Today, phishing is usually a “gateway crime” – hackers often use it as a way to get the credentials to gain entry into the broader IT system and launch other attacks, such as ransomware.

Join us as thought leaders from government and industry discuss why users continue to fall for phishing schemes, how to protect government or employee data to prevent phishing, and strategies to educate users and keep them from taking the bait.

Learning Objectives

• Determine what kinds of programs or platforms can reduce the success of phishing at organizations.
• Identify the elements of good user training and awareness programs to protect both them and the networks to which they have access.
• Understand the strategy behind phishing attacks and the measures that can protect from their follow-up intrusions.