
How to Defend Against Social Engineering Cyber-Attacks, Plus Takeaways from KB4-CON with James McQuiggan from KnowBe4 

In the first couple of sessions of the first-ever InfoSystems Cybersecurity Leadership Summit, James McQuiggan, Security Awareness Advocate for KnowBe4, shared his tips for how to enable employees to make smarter security decisions, talked about the current threat landscape as it relates to cybercriminals, shared his takeaways from KB4-CON, and much more.

According to McQuiggan, humans are the number one attack vector and the last line of defense. With threats coming from cybercrime groups, hacktivists, competitors, disgruntled employees, and even nation states, it is more important than ever to understand the lures and different strategies hackers use in today’s cybersecurity landscape.  

Keep reading for more takeaways from this session, as well as how to request replays if you missed the sessions or want to watch them again. 

Session Takeaways – How Hackers Hack 

In the first session of the summit, James McQuiggan made a lot of interesting points. Here are our favorite takeaways from the session: 

Cybercriminals Can Gain Access to Your Systems in One of Two Ways. 
Cybercriminals can gain access to your systems using social engineering strategies like phishing emails, QR codes, and even voicemail phishing. Another way is through unpatched systems. If your systems aren’t up to date, hackers will look for weaknesses.  

It is Easier to Hack a Human than Technology. 
Hackers use lures like greed (win $500 now!), urgency (claim this offer before it ends), fear (someone has gained access to your bank account), and more to try and trap people into phishing scams. No one is perfect, and even the most trained employees could fall victim to a phishing email or other scam. How can you solve this? Make sure you’re providing your staff with extensive training and real-life scenarios to help them understand the importance of not opening the door to a phishing attack within your organization. 

No Organization is Immune. 
No organization, however small or large, is immune to cyber-attacks. All employees should be trained on how to check links, keep an eye out for suspicious pop-ups, and avoid scanning QR codes when they don't know where the link goes.

Session Takeaways – Takeaways from KB4-CON 

In the second session of the summit, James McQuiggan shared his takeaways from KB4-CON, KnowBe4’s user and partner conference designed for CISOs, security awareness training and InfoSec professionals.  

Here are a few of our main takeaways from this session: 

Communication Strategy is Key. 
According to McQuiggan, we can learn from marketers and storytellers when it comes to cybersecurity awareness. Using emotion, visuals, sound, and words, we can understand, craft, capture, connect, embed, follow through, and evaluate strategies in our company for security awareness to make positive, impactful decisions.

Statistics on Social Engineering. 
Since the start of the pandemic, the FBI has reported a 300% rise in cybercrime. Not only that, more than $17,000 is lost every 60 seconds because of phishing attacks. One way to protect against cybercrime within your organization is to create a culture of “buy-in” when it comes to cybersecurity and clear, updated policies for all employees (including leadership) to follow. 

Request the Replays Today 

Both of these sessions were extremely valuable and provided a lot of important insights into why cybersecurity should be a top priority for every business leader. 

Request the breakout session recordings here.
