Phish of the Week: October – Groundhog Time for Cybersecurity?

Cybersecurity Awareness – Necessary, but not Sufficient

It’s October…which means it’s Groundhog time in cybersecurity land. Every year, like clockwork at this time, the industry collectively acknowledges and celebrates Cybersecurity Awareness Month to raise visibility about the importance of cybersecurity across the nation.

This year would mark the 18th anniversary (!) since its institution by the U.S. Department of Homeland Security. However, even though it’s been 18 years, and awareness is higher across the board about the importance of cybersecurity, there’s much work to be done to ensure cyber safety.

Threat actors have consistently outpaced existing tools and outfoxed end users. Awareness training, while important, pushes the burden onto the end-user (unfairly, I might add) to spot attacks and thwart the techniques used by motivated actors. That’s a fight that unsuspecting end users will always lose — it’s just a matter of time. Nearly 20 years of history have shown us that even the best cybersecurity awareness training cannot prevent human error.

As part of Cybersecurity Awareness Month, NCSA has also declared that next week (the week of October 11th) is ‘Phight the Phish’ week — and we absolutely stan it — except for the ‘week’ part.

To us, every day and every week is ‘Phight the Phish’ week. It’s time to acknowledge that the best ways to do that are to reduce the burden on your end-users, ask more of your email security controls, and prevent those pesky phish from ever getting to your user’s inbox at the outset.

Ready for a proven approach that goes beyond user awareness? Request a complimentary Phishing Risk Assessment to see which threats are still getting through your current defenses and how we close the email security gap.

[Webinar] Expert Insights from the 2021 Email Threat Report

Area 1 Security’s principal threat researcher, Juliette Cash, and senior product manager, Kevin Wilson, recently joined the CyberRisk Alliance’s Deb Radcliff to unpack key insights from the 2021 Email Threat Report — “$354 million in potential losses — It Started Out with a Phish.”

Watch the on-demand webinar here (no signup required) for key insights about the 31 million email threats we uncovered across multiple organizations and industries.

For example, you’ll learn:

  • Why identity is key — and how identity deception abounds
  • How BEC attacks are low volume, but make up the most potential financial damage
  • The continued risks of brand impersonation, which DMARC fails to solve
  • Practical steps to prevent future email threats

[Fun Quiz] Choose Your Own Adventure

You are a leader and a pioneer. You are looking for the best cloud-native email security solution vendor to protect your company. You’ve heard of an exciting company called Area 1 Security that offers the first and best pre-emptive, cloud-native solution.

But you are unsure where to start. Should you look to see a demo? Chat with a current customer? Or talk with an Area 1 technical expert?

Take this fun quiz to find out.

May the force be with you.

[Blog] Does the Government Need a Cybersecurity Bailout?

This summer, the President of the United States invited some of the most prominent technology and private institutions leaders to discuss cybersecurity. The President told the leaders, “I’ve invited you all here today because you have the power, the capacity, and the responsibility, I believe, to raise the bar on cybersecurity.”

In response, companies like Amazon, Apple, Google, and Microsoft pledged billions of dollars to raise cybersecurity awareness and training.

But is that enough? Is that the right cure for the constant cyberattacks threatening national security and infrastructure?

Read this blog from a former CISO to find out.

Want to keep up to date with the latest phishing trends?

Subscribe to our newsletter here!

Subscribe

Shalabh