Principle Logic Logo
    770-917-9600
  • Home
  • About
  • Services
  • Resources
  • Blog
  • Contact

Kevin Beaver's Security Blog

  • Email phishing expertise: Lack of skills or just a lackadaisical approach to security?

    28 Jun 2016

    I can’t think of any current security test that’s more important than email phishing. Yet, it seems that so few organizations actually include this phishing as part of their ongoing information security assessments and penetration tests. I suppose that’s why we keep hearing about all of the Cryptolocker infections and crazy statistics being published by Verizon, Ponemon and others.

    Here are some articles that I have written that can help you get your email phishing testing initiatives off the ground or, at least, provide you with some insight into why email phishing is such a big deal:

    Defining Your Overarching Goal for Email Phishing Testing 

    What to include in an Exchange Server phishing test

    Throw users a line to thwart an email phishing attack

    Top Gotchas When Performing Email Phishing Tests

    Stop attackers from catching you in a phishing hack

    Minimize your online footprint to combat phishing
     

    Use an enterprise phishing tool such as LUCY. Do it manually. Whatever the means – just do it. I don’t care how advanced your environment is or how mature your security program may be. Your network is one click away from compromise and you need to take the steps necessary to minimize this risk in your business. I promise you these tips that I’ve written can help you fight this security threat but it has to be taken seriously.

Resources

  • My books
  • My blogs and columns
  • My YouTube videos
  • My Security On Wheels audio programs
  • My articles, podcasts, and webcasts
  • My downloadable book chapters
  • My currently-published whitepapers and guides
view all

Client Testimonials

“A business associate referred our company to Principle Logic when we were seeking a resource to perform vulnerability /penetration testing for our external and internal networks. We found Kevin Beaver to be professional, well informed, and easy to work with. His testing did not disrupt our networks, and his progress updates were timely.

His final report was very thorough and included security recommendations for our network environment. The executive leadership was so impressed with Kevin’s security expertise, they have extended their agreement to continue to perform periodic testing. We highly recommend Kevin Beaver and Principle Logic as a resource for network security testing.”

(IT managed services firm)
Read More

 

I’ve written/co-written 12 books on information security including:

 

Tags

application security basics books careers CISO CISSP cities compliance coronavirus covid-19 data breaches hacking Hacking For Dummies heads in sand incident response information risk keynote speaker leadership macOS networked cameras patching racing resilience SDLC security culture security leadership security program management security speaker selling security social engineering speaking engagements spec miata sql injection tiktok training vulnerability and penetration testing web security web service api security

© Copyright 2001-present, Principle Logic, LLC - All Rights Reserved.

  • Home
  • About
  • Services
  • Resources
  • Blog
  • Contact

For your convenience I accept