Best response to Phishing emails? Opinions?

Megjegyzések

1 megjegyzés

  • Avatar
    Scot Perkins

    The metric that describes what you want to happen is "Mean time to Detect".  If your security team (or IT team from the sound of it) doesn't know about the phishing message that has ransomware in it then it hasn't been detected.

    The metric that we currently track in our organization is the "number of users who reported" because that number is honestly the most important.  If they reported the email, they recognized it was phishing attempt and wanted to protect the organization incase another user didn't recognize it. 

    If a user reports a malicious email fast enough, more often than not we can just go and delete message across the  organization before most people even see it.

    1
    Hozzászólások műveletei Permalink

Kérjük, Belépés hagyjon megjegyzést.