Give a man a fish, and you feed him for a day. Teach a man to phish, and he’ll likely eat lobster and drink champagne for the rest of his life. Phishing attacks have skyrocketed during the COVID-19 pandemic. Hackers look to bored, stressed, or distracted employees to steal credentials or spread malware. CISOs stressed vigilance long before the pandemic began, however, hackers continue to dupe unsuspecting employees. The hacker’s success rate may be low, but it only takes one victim to net thousands, or even millions, in illegal profits. CISOs have a few tricks up their sleeve to mitigate the phishing risk but acknowledge there is no silver bullet; someone will always click. These CISOs share their strategies for staving off phishing attacks.
CISO Street recently moderated a virtual CISO panel and asked panelists about their perspectives on current cyber trends and challenges. In this video, Eric Walters, CISO for Burns & McDonnell, Stephenie Southard, CISO for BCU, and Mike Davis, CISO for Alliant Group share what they’re doing to mitigate the risk of phishing in their organizations.