Phishing is probably the oldest and the most potent attack vector threatening today’s organizations. More than 90% of all cyber-attacks begin with phishing emails. Google reportedly blocks 18 million scam emails every day and registered a record two million phishing websites last year.
And phishing attacks don’t look like they are going away anytime soon. In fact, they are going to become even more targeted as organized crime syndicates get their hands on dark web data dumps. Fighting and mitigating these attacks can be challenging and requires multiple layers of defense. Let’s explore the top three elements of a multi-layered, defense-in-depth approach:
1. Policies, Procedures and Documentation
Organizations must set guidelines for employees and vendors on what is allowed and what is not allowed regarding devices and services and personal responsibilities.
The acceptable use policy (AUP) is a key component that…