Name: Know Your People, Know Your Risk: The Rise of Account Compromise
Start: 2023-09-28T16:00:00Z
End: 2023-09-28T16:00:24.000Z
Location: BrightTALK
Rating: 4.8

Learn more about new approaches to email security to stop advanced business email compromise attacks that bypass traditional, threat intelligence-based email security solutions.

Unlike legacy email security solutions, the Abnormal Security platform uses an innovative AI-based approach that deeply understands the people, relationships, and business processes to stop the most sophisticated and costly attacks.

When it comes to healthcare, patient health is primary, but unfortunately, the security of patient information is an afterthought. Considering today’s threat landscape, that approach is extremely risky. In fact, a recent Abnormal study revealed that business email compromise (BEC) attacks on healthcare organizations increased by 279% in 2023.

David Anderson, Ensemble Health Partners CISO, has seen the evolution of healthcare information security firsthand. With 27 years of experience as a cryptologist in the US Navy, including many years in healthcare, David is well-versed in the risks and requirements with respect to protecting patient data.

On December 14, join our live webinar as David shares his:
- Security strategies and learnings through the healthcare lens—from navigating HIPAA regulations to managing an effective security team
- Outlook on generative AI and security, including how it’s being utilized for both positive and malicious purposes
- Approach to protecting Ensemble—from its 10,000+ employees to its vast network of customers which includes hospitals, doctors, and patients
- …and much more

Get a behind-the-scenes look at how security in healthcare is managed with valuable insights from this experienced leader. Register now!

Ensemble Health Partners’ CISO Provides Strong Security Prognosis

So ChatGPT and Google Bard are here to stay, but do you really need to change your security practices? Are cybercriminals actually going to use these tools to attack you?


The answer is yes. And this session will tell you what your peers are doing to stop it.


Listen in to hear Fortune 1000 CISOs discuss their best practices for fighting AI with AI, including:

What prompted them to start adding AI to their security stack

Which tools they’re using to protect against more attacks and augment their security teams

How they’re measuring success across the organization

And what you need to do now to stay ahead in this AI arms race


The second webinar in this three-part series provides real-world insights from security experts.

Fighting AI with AI: A CISO Panel on Security Best Practices

QR codes are popular for convenient information sharing, but also face exploitation by bad actors. This is a growing attack type with a recent Abnormal study identifying 17% of all advanced attacks utilized malicious QR codes. Using behavioral AI and image processing, Abnormal offers a robust solution against QR code phishing attacks.

Join our live webinar and learn how Abnormal’s AI-native detection engine can:
- Utilize behavioral signals to detect anomalies in attachments or linked-based signals
- Process images to detect QR codes and parse the corresponding information
- Detect 1,000s of QR code attacks per week

Register today!

How to Stop QR Code Phishing Attacks

Your first thought when hearing about ChatGPT was probably something like, “This is amazing and will be great for productivity!” Your second thought was likely, “Oh no… This will great for productivity…” 

Not only because you were worried about what your employees could do with it, but because you were fully aware of what bad actors could do with it. Unfortunately, the same tools that make us better at our jobs also make it easier for cybercriminals to succeed.

But what does that look like? And how scared should we really be? 

Join us for this session featuring Kevin Poulsen to hear about the good and bad when it comes to AI. You’ll learn: 

* How AI has evolved over the last decade and why ChatGPT is a gamechanger
* What ChatGPT-generated threats can look like
* Which types of AI-generated attacks are already being discovered 
* And why security leaders and the C-suite alike should be concerned about this evolving threat

Don’t miss the first part in this series from someone who knows how to get inside the mind of a cybercriminal—and who can show you exactly what threats are targeting your organization next.

Facing Your Fears: A Live Demo on How Attackers Can Use Generative AI

Boohoo, an online destination for fashion and lifestyle, manages a portfolio of 13 fashion and beauty brands that design, source, market, and sell to millions of customers around the world through online stores. With its high volume of business and global visibility, Boohoo has become a prime target for advanced email attacks. From invoice fraud to impersonation attacks, these exponential threats put the company, its vendor relationships, and brand reputation at risk.

Jonny Concannon, Boohoo’s Group Information Security Manager, saw a better way to approach attack detection and remediation. He deployed an AI-based security solution that delivered unparalleled protection for the “fast-paced organisation.” 

Join us November 16 at this live session where Jonny uncovers his strategies for: 
- Remediating 96,000+ threats in 12 months, while enhancing Boohoo’s security posture
- Catching advanced attacks, avoiding false positives, and identifying high-risk vendor email accounts
- Significantly reducing graymail, saving his security team 40 hours per month on manual email tasks
- …and much more

Learn why this industry leader has embraced a robust, AI-driven email security that goes beyond trends.  Register now!

Fashionably Great: Boohoo Takes Security Up a Notch

Business email compromise (BEC) attacks keep increasing in scope and severity, and security leaders are feeling the pressure to make smart investments to reduce their risk and empower productivity. This webinar offers an expert perspective on the recent evolution of the email security market and a deep dive into Forrester’s recent Total Economic Impact study of Abnormal Security. 

Watch it, and you’ll learn: 
- Forrester Principal Analyst Jess Burn’s perspective on why legacy providers in the email security market are being disrupted by the rapid adoption of cloud email infrastructure and the rise of cloud-native, API-enabled email security (CAPES)
- The financial benefits of Abnormal Security through the lens of four large, global organizations that deployed Abnormal 
- Exactly how Abnormal’s unique, API-based email security platform helps organizations prevent $4 million dollars in losses due to business email compromise, and reduces SOC analyst hours spent on email security tasks by 95%.

Register now!

The Total Economic Impact™ of Abnormal Security

Greenhill & Co. leads its client businesses through major milestones and complex processes: completing mergers and acquisitions, restructuring, raising capital, and obtaining financing. This position makes Greenhill an attractive target for cybercriminals seeking to steal data and funds through pervasive business email compromise (BEC) attacks. CIO/CISO John Shaffer fully recognizes this challenge and has responded with a strategic line of defense against these sophisticated attacks.  

On October 26, join our live 30-minute session as John offers security best practices and unique insights from the finance industry. Namely, learn how he:  

* Mitigated risk, maintained compliance, and gained efficiencies for Greenhill’s email ecosystem 
* Prevented over 11,000+ name impersonation attacks, from internal executives to trusted vendors
* Restored time for his security team and bolstered client confidence by improving threat responses

Register now to gain valuable insights from this security leader!

Greenhill Tackles Security Threats in Global Investment Space

Last year, the federal government issued approximately $1.2 trillion in grant funding to state, local, tribal, and territorial governments, and that number is expected to grow in 2023. For most organizations who receive a portion of this grant money, it’s an incredibly exciting and newsworthy event.

But unfortunately, when grant funding is made public, bad actors can take advantage. In one instance, cybercriminals stole more than $4 million in funding dollars from a single city government—all via email.

Your email environment is your most vulnerable attack surface, and earning public funds makes you a target. Join this webinar with Abnormal Security, CrowdStrike, and Grants Office, to learn: 

- How threat actors use grant funding announcements to find their next victim
- Which types of threats are most dangerous for recipients of grant funding
- How you can secure grant funding to increase your cybersecurity posture

Featuring key insight from Grants Office, this webinar provides critical information for every organization that receives federal funding.

Protecting Your Federal Grant Funding: 3 Keys to Keep Your Money Safe

EAB collaborates with over 2,500 institutions to drive transformative change through data-driven insights and best-in-class capabilities in five major areas: enrollment; student success; data & analytics; institutional strategy; and diversity, equity, and inclusion (DE&I). The Information Security team, led by Brian Markham, faced the daunting task of protecting EAB and its partners from phishing and business email compromise attacks. With a complex ecosystem and an ever-growing threat landscape, EAB implemented a security strategy that stopped thousands of attacks from reaching inboxes.

Join CISO Brian on August 29 as he shares his unique security insights from the education sector, and learn how he:

- Prevented a flood of malicious emails and scams from reaching customers
- Helped education partners address today’s biggest threats including vendor email compromise
- Streamlined processes to save time for executives and IT teams to focus on value-creation initiatives to support EAB’s mission 

School may be back, but cybercriminals have never stopped learning and attacking! Sign up to hear first-hand how EAB has leveled up its security program, starting with a better approach to email security.

EAB Teaches a Masterclass in Email Security

Too many security practitioners spend half their day managing email—handling missed attacks, investigating user-reported messages, and managing rules and policies. The legacy email security solutions most organizations still use were never designed to address modern threats like social engineering or AI-generated attacks, leaving security teams to protect  their largest attack surface with insufficient tools.

This workshop explores how security practitioners can simplify email security by eliminating legacy secure email gateways (SEG). Dan Nickoliasen, solutions architect with Abnormal Security and email security veteran, will help attendees understand why modern attacks continue to evade gateways, how a new architecture can address the question of protection, and what replacing the SEG will do to unburden security teams from manual work. 

In this interactive workshop, attendees will: 
- Discuss why SEGs have become interchangeable and commoditized in their detection value 
- Begin a configuration inventory and map core capabilities of a modern cloud email security solution 
- Create a business value case  appropriate for executive review on the impact of migrating away from the SEG
- Walk away with a clear plan of action to automate SOC operations and modernize email security architecture

Participants are eligible to earn 1 CPE credit from (ISC)² upon completion of this workshop: https://docs.google.com/forms/d/e/1FAIpQLSeXpNB-pZ-mhmRUQCxme-d5JCj_4lDYyxVyRHiDBb2ypV5xfQ/viewform

Make a Plan to Replace Your SEG Workshop

DexKo Global, a leading manufacturer of highly-engineered running gear for trailer, RV, and towable equipment, employs 7000 employees across dozens of locations, frequently acquires new companies, and collaborates with a complex supply chain of hundreds of partners and contractors. In the last two years, they’ve made huge strides in modernizing their email security program, freeing up the budget and bandwidth to advance more strategic initiatives. 

Key to success? Retiring their legacy SEG in favor of a modern, API-based email security architecture. 

In this fireside chat, Thiago de Angelo, Enterprise Security Architect from DexKo, will take the wheel, sharing how DexKo’s security team migrated away from their legacy SEG, and drastically reduced global email attack surface by catching socially engineered email threats with behavioral AI.

Register now, and you’ll learn:
- Why DexKo decided to retire its secure email gateway in favor of Microsoft + Abnormal
- How the migration worked and the time commitment involved
- Which automation, protection, and productivity benefits they now experience with the AI-based platform
- Lessons learned from life after the SEG

Register today!

The Fast Lane: How DexKo Global Rolled Off of Its Legacy SEG

New types of impersonation. Better AI. Shifts to collaboration applications. Cybercrime is a business, and criminals are always looking for new ways to steal money.

Join us for this session where Mick Leach, Head of Security Operations at Abnormal Security, will discuss:
—How threat actors are shifting away from the CEO fraud of the past to new types of BEC
—What makes generative AI tools like ChatGPT incredibly dangerous
—Why your next email concern should be your third-party applications
—And how you can better protect your organization from all of it

Sign up to understand the future of cybercrime and gain some timely insights to protect your organization!

3 New Ways Cybercriminals are Targeting Your Email

As long as we’ve used email, we’ve experienced email attacks. From basic malware to the Nigerian Prince scam to gift card fraud, organizations and individuals have become accustomed to receiving a nefarious email or text. 

But with the rise of generative AI, attacks are more sophisticated than ever before as malicious actors exploit the power of AI to deceive us. Join us for this on-demand webinar with renowned ethical hacker FC and two AI experts to learn: 

- How attackers can effectively use ChatGPT to create incredibly sophisticated email attacks, including a live demo 
- Which vulnerabilities in generative AI models are being exploited by threat actors
- What security leaders are doing to stop these malicious attacks on their organizations
- Best practices for defending against the AI-created email attacks of the future

With insights from both the dark and the light side of AI, this webcast will provide you with the information you need to understand the future of cybercrime and give you tools to stop it.

ChatGPT Exposed: Protecting Your Organization Against the Dark Side of AI

When Florida Crystals Corporation, a prominent sugarcane company, consistently saw advanced email attacks slip through its existing defenses, the company’s security team knew it was time for a different approach. The combination of a secure email gateway (SEG) and native cloud email security proved inadequate against today’s advanced threats as well as the modern security team’s needs for investigation and reporting. The company chose to move away from the traditional SEG to Abnormal and improved its security while reducing email security costs by 40%. 

Join Florida Crystals’ CISO Ben Field at this live webinar as he shares:
- The lessons learned associated with Florida Crystal’s email security architecture
- The types of email attacks faced by the company’s global workforce
- How they stopped a BEC attack in progress during their Abnormal POV 
- The impact Abnormal has made on the company’s security and security team’s productivity

Join our conversation with Ben, a seasoned cybersecurity professional, as he explores what led him to move Florida Crystals beyond the traditional approach to email security.

Bucking Tradition:How Florida Crystals Ditched the SEG to Improve Email Security

As a leading insurance broker and consultant with a global reach and numerous acquisitions each year, NFP understands the critical importance of email security. However, the complexity of managing email threats, while integrating newly acquired companies, requires a new approach that dramatically simplifies administration, eliminates inefficient spend, and effectively stops advanced threats.

In this must-attend session, you’ll discover:
● What led NFP to reevaluate their legacy tools and consider replacing the SEG
● How the team is mitigating financial losses from advanced email threats
● Why they’re focused on keeping graymail out of executives' inboxes
● The process they use to integrate newly acquired companies with ease
● Why they turned to Abnormal to simplify and improve their email security

Don't miss the chance to hear directly from James Fritz, an industry expert with years of experience, as he shares his journey and offers recommendations for security teams seeking to move beyond the limitations of the SEG.

Register today!

Rethinking the SEG: How NFP Improved Threat Detection and Reduced Spend

Protecting your collaboration apps, streamlining deployment, and expanding data ingestion to stop attacks now and in the future.

While email remains the most common path into an organization, cybercriminals are steadily shifting their tactics and targeting additional entry points. Recent multi-channel attacks illustrate how attackers are moving laterally throughout the environment to gain access to email and other sensitive data through Slack, Teams, and other applications. 

We’re excited to unveil a series of new enhancements to Abnormal’s platform that will empower security teams to protect more, spend less, and secure the future. 

Join Product Management leaders Nicole Jiang and Vineet Edupaganti for this recap of all things new with Abnormal, where we’ll show you:  

- Three new products to detect suspicious user behavior, changes to user privileges, and malicious messages across Slack, Zoom, and Microsoft Teams
- Additional data ingestion capabilities so you can ingest signals from additional applications such as Okta and CrowdStrike
- The Abnormal App Store, a self-service marketplace within the Abnormal Portal 

This live event includes opportunities for Q&A so you can truly understand how Abnormal can help you better protect your cloud email. 

Register now and join us on May 18th!

Product Chat: Unpacking Abnormal's Latest Launch

It takes 328 days to identify and contain a breach due to credential compromise. Couple this with the fact that instances of credential compromise have skyrocketed by 300% in the last year, and you have a recipe for disaster. Attackers are adept at evading traditional security tools—even MFA, considered in years past to be near-unbreakable.

What’s more, security teams often lack the resources to investigate every unusual event if it doesn’t signify an immediate threat. But any deviation from normal user behavior warrants investigation, from advanced MFA bypass tactics to simple misconfiguration.

In this live webinar, join members of our Product team as they discuss:

- The continued rise of account compromise
- Novel tactics like MFA bypass, and why they’re so difficult to stop
- Steps to take to mitigate account takeovers
- And more!

Register now.

Know Your People, Know Your Risk: The Rise of Account Compromise

Breach Prevention

Cyber Attacks

Threat Assessment

Cyber Crime

Cyber Incident Response

Email Security

Threat Analysis

Cyber Defence

Threat Detection

Security Breach

The IT security community on BrightTALK is composed of more than 200,000 IT security professionals trading relevant information on software assurance, network security and mobile security. Join the conversation by watching on-demand and live information security webinars and asking questions of experts and industry leaders.

IT Security

Increasing expectations for good governance, effective risk management and complex demands for corporate compliance are presenting a growing challenge for organizations of all sizes. Join industry thought leaders as they provide you with practical advice on how to implement successful risk and compliance management strategies across your organization. Browse risk management resources in the form of interactive webinars and videos and ask questions of expert GRC professionals.

IT Governance, Risk and Compliance

The unexpected nature of natural disasters and other disruptive events means that preparation is key to managing disaster recovery and business continuity planning. Join the business continuity and disaster recovery community for live and recorded presentations discussing best practices for business continuity planning, disaster recovery programs and business continuity management. Learn from BCDR experts to develop your critical infrastructure and gain insight into tactical solutions to your BCDR issues.

Business Continuity / Disaster Recovery

As an IT professional, many of the problems you face are multifaceted, complex and don’t lend themselves to simple solutions. The information technology community features useful and free information technology resources. Join to browse thousands of videos and webinars on ITIL best practices, IT security strategy and more presented by leading CTOs, CIOs and other technology experts.

Information Technology

Get powerful insights to run your business. CEOs, CFOs, CMOs, COOs, CTOs and CIOs are among the leaders in this community who connect with peers and experts to grow their businesses.

CxO Strategy

In the business management community, commercial experts will be sharing webinars and videos on an array of subjects. From sales and marketing, to finance, productivity and growth, this content will help you stay up-to-date with the current economic environment and provide timely management insight to drive business growth.

Know Your People, Know Your Risk: The Rise of Account Compromise

Presented by

About this talk

More from this channel