Upload
others
View
1
Download
0
Embed Size (px)
Citation preview
WELCOME!
Office 365 – What Security Threats Worry You?
What do you hope to learn today?
Please take a moment to fill out the yellow cards.
Our presenters will review the cards to ensure that we cover
the topics/areas of interest.
We will collect them before we get started.
Thanks!
Collect ‘Learn Today’ Cards
What do you hope to learn today?
Please take a moment to fill out the yellow cards.
Our presenters will review the cards to ensure that
we cover the topics/areas of interest.
We will collect them before we get started.
Thanks!
System Source & Microsoft:
System Source & Microsoft:
Microsoft Certified Partner…since 1980’s
Silver – Learning Solutions
Train 6,000 students/year
Our Instructors rate 20% higher than Microsoft National
Average Customer Satisfaction Scores.
Silver – Infrastructure
1,000’s of Microsoft implementations
Small Business to Enterprise
Non-profit
Education
What Security ThreatsWorry You?Stephen DemingMicrosoft Partner Technology Strategist
Challenges
2 billion records compromised in the last year
140+ days between infiltration and detection
87% of senior managers admit using personal accounts for work
45% of organizations lack data governance which leaves them open to litigation and data security risks
Ever-evolving industry standards across geographies
Attack kill chain
Attack kill chain
Attack kill chain and ATA
Our Commitment to Trust
Privacy
Customer is the owner of their data.
We do not mine customer data for advertising purposes.
Privacy controls enable you to configure your company privacy policies.
Microsoft advocates for data privacy on behalf of customers.
Microsoft safeguards customer data with strong contractual commitments.
Transparency
Know where your data is stored.
Understand who has access your data and under what circumstances.
Monitor the state of your service, get historic view of uptime.
Integrate security events’ feeds into your company security dashboard.
Gain insight with access to service dashboards & operational reporting.
Operational security
Safeguards to prevent unauthorized access and data loss
Physical security with 24-hour monitoring and multi-factor authentication
Admin background checks
Zero-standing access to data
Data encryption at-rest and in-transit
Red team / Blue team penetration testing and incident response practice
Product development using Security Development Lifecycle
Bug bounty program to identify vulnerabilities
Safeguarding your data
Identify, label, classify, set policies to help protect information.
Encrypt your data and restrict access using Azure Information Protection.
Safeguard information with Data Loss Prevention.
Get visibility into and improve your security position with Secure Score
Restrict unauthorized data sharing across apps with MAM.
Prevent data leaks with support for Windows Information Protection.
Manage data on devices through built-in MDM.
Securely communicate with customers using Message Encryption.
Personal apps
Managed apps
Detect and protect against external threats
Block 100% of known malware and 99% of spam with Exchange Online Protection.
Provide zero-day protection against unknown malware in attachments and links with Advanced Threat Protection.
Providing actionable insights to global attack trends with Threat Intelligence.
Get alerts of suspicious behavior using Advanced Security Management.
Secure user accounts with Conditional Access and multi-factor authentication.
Compliance
Meet compliance obligations for data access with Customer Lockbox.
Monitor and investigate events related to your data with full audit tracking.
Reduced cost and risk with in-place intelligent Advanced eDiscovery.
Efficiently perform risk assessment with Service Assurance.
Manage data retention with Advanced Data Governance.
MICROSOFT’SSECURITY APPROACH
!
DETECTusing targeted signals, behavioral monitoring, and machine learning
RESPONDclosing the gap between discovery and action
PROTECTacross all endpoints, from sensors to the datacenter
Security Tactics
Security Tactics
Shadow
IT
Data breach
Employees
Partners
Customers
Cloud apps
Identity Devices Apps & Data
Transition tocloud & mobility
New attack landscape
Current defenses not sufficient
Identity breach On-premises apps
SaaSAzure
Device breach
Identity anchors our approach to security
IDENTITY DRIVEN SECURITY
Single sign-onSelf-service
Simple connection
On-premises
Other directories
Windows ServerActive Directory
SaaS
Azure
Publiccloud
CloudMicrosoft Azure Active Directory
User log-ins
Unauthorized data access
Data encryption
Malware
System updates
Enterprise security
Attacks
Phishing Denial of service
User accounts
Device log-ins
Multi-factor authentication
450B
1B
200B
Our unique intelligence
Security Tactics
Security Tactics
Enterprise reliability via 100+ data centers and Microsoft’s global network edge
Compliance leadership with standards including ISO 27001, FISMA, and EU Model Clauses
No standing access to data, transparent operational model, and financial-backed 99.9% SLA
Secure by design, operationalized at the physical, logical, and data layers
Global, hyper-scale, enterprise-grade infrastructure
Over 1000 controls in the Office 365 compliance framework enable us to stay up to date with the ever-evolving industry standards across geographies.
Trust Microsoft’s verified services. Microsoft is regularly audited, submits self-assessments to independent 3rd party auditors, and holds key certifications.
Key certifications
United StatesCJIS
CSA CCM
DISA
FDA CFR Title 21 Part 11
FEDRAMP
FERPA
FIPS 140-2
FISMA
HIPPA/HITECH
HITRUST
IRS 1075
ISO/IEC 27001, 27018
MARS-E
NIST 800-171
Section 508 VPATs
SOC 1, 2
ArgentinaArgentina PDPA
CSA CCM
IRAP (CCSL)
ISO/IEC 27001, 27018
SOC 1, 2
SpainCSA CCM
ENISA IAF
EU Model Clauses
EU-U.S. Privacy Shield
ISO/IEC 27001, 27018
SOC 1, 2
Spain ENS
LOPD
United KingdomCSA CCM
ENISA IAF
EU Model Clauses
ISO/IEC 27001, 27018
NIST 800-171
SOC 1, 2, 3
UK G-Cloud
JapanCSA CCM
CS Mark (Gold)
FISC
ISO/IEC 27001, 27018
Japan My Number Act
SOC 1, 2
SingaporeCSA CCM
ISO/IEC 27001, 27018
MTCS
SOC 1, 2
New ZealandCSA CCM
ISO/IEC 27001, 27018
NZCC Framework
SOC 1, 2
AustraliaCSA CCM
IRAP (CCSL)
ISO/IEC 27001, 27018
SOC 1, 2
European UnionCSA CCM
ENISA IAF
EU Model Clauses
EU-U.S. Privacy Shield
ISO/IEC 27001, 27018
SOC 1, 2,
ChinaChina GB 18030
China MLPS
China TRUCS
Providing clarity and consistency for the protection of personal data
Enhanced personal privacy rights
Increased duty for protecting data
Mandatory breach reporting
Significant penalties for non-compliance
The General Data Protection
Regulation (GDPR) imposes new
rules on organizations in the European
Union (EU) and those that offer goods
and services to people in the EU, or that
collect and analyze data tied to EU
residents, no matter where they are
located.
Microsoft believes the GDPR is an important step forward for clarifying and enabling individual privacy rights
Global Data Protection Regulation (GDPR)
We have many customer controls already available within Office that will help you stay GDPR
compliant including controlling access and protecting personal data features.
GDPR is a global regulation that you will have to abide by starting May 2018
Customer outreach Engineering Government affairs
Microsoft is doing 3 different things to prepare for GDPR
What it is and how Microsoft is preparing for GDPR
The most secure Windows ever
XP2001
Vista2007
72009
82012
8.12013
102015
POST-BREACHPRE-BREACH
Breach detection
investigation &
response
Device protection
Identity protection
Information protection
Threat resistance
POST-BREACHPRE-BREACH
Breach detection
investigation &
response
Device protection
Identity protection
Information protection
Threat resistance
When is more needed?
Regulated industries including publicly listed companies
In-house software or IP development
Access, process or store highly-sensitive customer data
Executive, management, or financial roles
POST-BREACHPRE-BREACH
Breach detection
investigation &
response
Device protection
Identity protection
Information protection
Threat resistance
Microsoft Security: Defense in Depth
• Trusted Boot
• Windows Hello
• Information Protection
• Credential Guard
• Device Guard
• Advanced Threat Protection
Windows 10
Microsoft Security: Defense in Depth
• Multifactor Authentication
• Anti-Spam / Anti-Malware
• Data Loss Prevention
• Advanced Threat
Protection
Office 365
Windows 10
Microsoft Security: Defense in Depth
• Azure Active Directory
Premium
• Azure Information
Protection
• Microsoft Intune
• Advanced Threat Analytics
• Cloud App Security
Enterprise Mobility + Security
Office 365
Windows 10
POST-BREACHPRE-BREACH
Breach detection
investigation &
response
Device protection
Identity protection
Information protection
Threat resistance
POST-BREACHPRE-BREACH
Breach detection
investigation &
response
Device protection
Identity protection
Information protection
Threat resistance
Windows Hello
46
1. Fast and password-free.
With Windows Hello,* you can sign into your Windows devices, compatible apps and sites 3 times faster1 than a password that
you have to remember and type in and worry about keeping secure. Windows Hello uses your face, fingerprint, or a Windows
Hello companion device† to recognize you instantly. You can always keep your PIN as a backup if you choose.
2. More secure than a password.
Get better protection when you unlock your device with a look or a touch. Windows Hello uses biometric sensors to recognize
you apart from all others. Windows Hello* requires two or more factors of user validation, such as biometrics and your device, to
set up the credentials you will use for authentication.
3. Tamper-proof credentials.
Your device’s Trusted Platform Module (TPM) hardware protects and isolates your Windows credential from the rest of the
operating system, helping to thwart malware and advanced attacks. Windows Hello* is fundamentally immune to phishing and
safer from data center breaches because the authentication factors and Windows Hello credential are physically separate. Even if
you enter your PIN on a malicious website, an attacker will not be successful unless they also have your device.
4. Unlock your online world.
Get rid of passwords. Windows Hello* works with Office 3652 and other Microsoft services, Azure apps2 like Dynamics CRM2 and
compatible apps like Dropbox.2 It can wave you into compatible websites too, as long as you're using Microsoft Edge.** Site sign-
ins are fast and password-free, with strong security that protects your identity in a way that a password never could.
5. Your companion devices unlock your PC.
Windows Hello* lets you use your phone, Microsoft Band and other Windows Hello companion devices to quickly unlock your
Windows PC without using a password.3 Companion devices† know who you are and give you another choice for quick, secured
sign-ins that can meet some of the strictest regulatory compliance standards.
* To use Windows Hello with biometrics specialized hardware, including fingerprint reader, illuminated IR sensor, or other biometric sensors is required. Hardware based protection of the Windows Hello credential/keys requires TPM 1.2 or greater; if no TPM
exists or is configured, credentials/keys protection will be software-based.
** Limited to compatible websites and apps. † Companion devices must be paired with Windows 10 PC’s via Bluetooth. To use a Windows Hello companion device that enables the user to roam with their Windows Hello credentials requires Pro or Enterprise edition on the Windows 10 PC being signed into. 1Based on average time comparison between typing a password respectively detecting a face or fingerprint to authentication success2Sold separately3Available for select premium phones and selected Windows 10 editions. Requires PC and phone to be joined in Azure Active Directory or Active Directory and paired via Bluetooth.
Windows 10
(Screens simulated, subject to change)
Credential Guard
47
1. Protect identities from the impact of a full system compromise.
One of several identity protection layers in Windows 10, Credential Guard
helps protect the user access tokens (derived credentials) that are generated
once users have been authenticated. Protection of these tokens is critical to
prevent Pass the Hash attacks, which is the go-to tactic for nearly all major
network breaches. Credential Guard stores the tokens within a virtualization-
based security (VBS) environment running on top of Hyper-V technology.
This helps prevent attackers from extracting the tokens from devices, even
when the Windows kernel itself has been fully compromised. Credential
Guard is designed so that malware running in the operating system, even
with the highest privilege level, can‘t access user related access tokens.
2. Hardware-level security.
Credential Guard uses hardware-based virtualization and Hyper-V to host
Windows 10 security credentials and isolate them from malware. Hardware
based isolation prevents attackers, even with the highest level of Windows
privilege, from accessing user related access tokens.
3. Easy Manageability.
Credential Guard can be enabled using Group Policy making it easy and
familiar for your IT staff to administer using the existing management tools
they have in place.
•
Windows 10 Enterprise
(Screen simulated, subject to change)
Manage your account, apps and groups
Company branded, personalized application Access Panel:
http://myapps.microsoft.com
+ iOS and Android Mobile Apps
Self-service password reset
Application access requests
Integrated Office 365 app launching
Azure Active Directory Premium
Windows Defender Advanced Threat Protection (ATP)
49
1. Built into Windows, cloud-powered.
Windows Defender Advanced Threat Protection (ATP) is powered by behavioral
sensors built into Windows 10 and a cloud back-end. No additional deployment is
required, and the service can be switched on through configuration. Running
alongside any anti-virus (AV) solution, Windows Defender ATP is continuously up-to-
date, and can help lower costs.
2. Behavior-based, post-breach detection.
Windows Defender Advanced Threat Protection (ATP) detects attacks that have made
it past all other defenses, based on behaviors. Windows Defender ATP uses real-time
as well as historic information to identify attacks, and provides actionable alerts for
known and unknown adversaries.
3. Rich timeline for investigation.
Windows Defender Advanced Threat Protection gives you an easy way to investigate
the scope of a breach or suspect behaviors through a rich machine timeline, for all
machines enrolled to the service. Gain additional deep analyses for files and URLs by
using its detonation service.
4. Unique threat intelligence knowledge base.
Unparalleled threat optics combine first and third party threat intelligence data to
provide actor details and intent context for threat detection.
Windows 10 Enterprise E5
(Screen simulated, subject to change)
POST-BREACHPRE-BREACH
Breach detection
investigation &
response
Device protection
Identity protection
Information protection
Threat resistance
Windows trusted boot
51
1. Get complete control from the start.
Windows trusted boot on Windows 10 is built on top of a security standard
developed by members of the PC industry to help make sure that your PC
boots using only trusted software. When the PC starts, the device's firmware
and then Windows itself validate each boot-related component, avoiding
headaches caused by malware that can load before the OS boot process has
begun or within it.
2. Nip threats in the bud.
Windows 10 closes off the pathways that allow malware to hide by ensuring
that the devices firmware and operating system have integrity and start
before malware can.
3. Enjoy continuous enterprise-grade security for your peace of mind.
Once Windows is started by the device's firmware, Windows Trusted Boot
can help ensure that the Windows system core starts with integrity every
time, working to defend you against modern threats. If anomalies are
detected, Windows Trusted Boot will self-remediate and restore the
Windows operating system's boot integrity. (Screens simulated, subject to change; Some
apps sold separately, availability may vary).
Windows 10
Device Guard
52
1. Eliminate malware.
Help secure your environment and prevent untrusted apps and code from running by
using the ultimate form of app control. Using virtualization-based security, the Device
Guard feature in Windows 10 offers a solution more powerful than traditional app control
products, providing rigorous protection from tampering and bypass.
2. Hardware rooted app control.
Device Guard uses virtualization-based security to isolate and help protect Device Guard
features, such as the Hyper-V Code Integrity Service (HVCI), from malware and attacks,
even if Windows itself has been compromised. HVCI enables Device Guard to help
protect kernel mode processes from in-memory attacks, giving you a strong defense
against zero-day exploits.
3. Only run trusted apps.
Device Guard helps enable your IT department to decide which software vendors and
apps can be trusted within your environment. IT can designate as trustworthy the right
combination of apps for your organization, from internal line-of-business apps to
everything from the Windows Store to apps from specific software vendors. Device Guard
works with Windows Classic apps and Universal Windows Platform apps, and it includes
tools that make it easy to sign your existing apps.
(Screens simulated, subject to change. Office 365
subscription required for some features )
Windows 10 Enterprise
Time-of-click protection against malicious URLs
URL reputation checks along with detonation of
attachments at destination URLs.
Zero-day protection against malicious attachments
Attachments with unknown virus signatures are
assessed using behavioral analysis.
Critical insights into external threats
Rich reporting and tracking features provide critical
insights into the targets and categories of attacks.
Integrated across apps & services
Protection across Exchange Online, SharePoint
Online, OneDrive for Business, and Office apps.
Intelligence sharing with devices
Integration with Windows Advanced Threat
Protection to correlate data across users and devices.
Advanced Threat Protection
POST-BREACHPRE-BREACH
Breach detection
investigation &
response
Device protection
Identity protection
Information protection
Threat resistance
BitLocker
55
• Keep your peace of mind, even with a
lost or stolen device.
• BitLocker and BitLocker to Go encrypt
your data on your device and even on
your USB drive, so you’re more
protected.*
Windows 10 Pro
(Screen simulated, subject to change)
*Requires TPM 1.2 or greater for TPM based key protection.
Windows Information Protection
56
1. Separate personal and professional data.
Windows Information Protection* (WIP) helps IT and users prevent accidental leaks by
separating personal and business data. WIP allows IT administrators to apply rules to
control how business data can be used. WIP recognizes business data as it arrives on
devices, is generated by business applications, or when it is designated as business
data by the user.
2. User and app access control.
Windows Information Protection* (WIP) enables IT to set policies that define which
applications and users are authorized to access business data. WIP also enables IT to
define which rights a user has, allowing IT to either help block leaks or, optionally,
help warn the user before content is copied to unauthorized websites and personal
documents. Plus, WIP helps protect business data that is placed on removable storage
by ensuring all business data is encrypted and accessible only by authorized users.
3. Provides greater IT control with a seamless experience for users.
With Windows Information Protection* (WIP) in Windows 10 Pro and Enterprise
editions, business data protection takes place completely behind the scenes, only
notifying users when they’re attempting to take an unauthorized action. Your IT team
has full control of keys and protected data, making it easy to perform a remote wipe
of business data on demand while leaving personal data untouched.
*WIP requires either Mobile Device Management (MDM) or System Center Configuration Manager to manage settings. Active Directory makes management easier, but is not required.
(Screen simulated, subject to change)
Windows 10 Pro
POST-BREACHPRE-BREACH
Breach detection
investigation &
response
Device protection
Identity protection
Information protection
Threat resistance
Archive with Advanced eDiscovery
Identify relevant documents
Predictive coding enables you to train the system
to automatically distinguish between likely relevant
and non-relevant documents.
Identify data relationships
Use clustering technology to look at documents in
context and identify relationships between them.
Organize and reduce the data prior to review
Use near duplicate detection to organize the data
and reconstruct email threads from unstructured
data to reduce what’s sent to review.
New DLP sensitive
information types
added to Exchange
DLP capabilities extended
to include documents in
SharePoint
PolicyTips added to
Excel and other Office
applications
Data Loss Prevention
Rights Protected Email
Rights Protected Office Documents
Advanced Data Governance
Leverage intelligence to automate data retention
Classify data based on age, type, user, or sensitivity
Policy recommendations based on machine
learning
Apply actions to preserve high value data
Purge redundant, obsolete, and trivial data
Customer Lockbox
Meet Compliance Needs
Customer Lockbox can help customers meet
compliance obligations by demonstrating that they
have procedures in place for explicit data access
authorization.
Extended access Control
Use Customer Lockbox to control access to
customer content for service operations.
Visibility into actions Actions taken by Microsoft engineers in response to Customer Lockbox requests are logged and accessible via the Management Activity API and the Security and Compliance Center.
Windows 10 Enterprise capabilitiesW
ind
ow
s 10 E
nte
rpri
se E5
Win
do
ws
10 E
nte
rpri
se E3
The most trusted platform
Enterprise Data ProtectionPrevent accidental leaks by separating personal and business data
Windows Hello for BusinessEnterprise grade biometric and companion device login
Credential GuardProtects user access tokens in a hardware-isolated container
AppLockerBlock unwanted and inappropriate apps from running
Device GuardDevice locked down to only run fully trusted apps
Advanced Threat ProtectionBehavior-based, attack detectionBuilt-in threat intelligence Forensic investigation and mitigation
Built into Windows
More personal
User Experience Virtualization (UX-V)OS and app settings synchronized across Windows instances
Granular UX ControlEnterprise control over user experience
More productive
Azure Active Directory JoinStreamline IT process by harnessing the power of the cloud
MDM enablementManage all of your devices with the simplicity of MDM
Windows Store for Business, Private CatalogCreate a curated store experience for employee self-service
Application Virtualization (App-V)Simplify app delivery and management
Cortana ManagementCreate, personalize, and manage Cortana profiles through Azure Active Directory
Windows 10 for Industry DevicesTurn any inexpensive, off-the-shelf device, into an embedded, handheld, or kiosk experience
The most versatile devices
Office 365 Enterprise capabilities
PSTN Conferencing:
Worldwide dial-in for your
online meetings
Cloud PBX:
Business phone system in the
cloud
PSTN Calling:
Cost effective cloud based dial
tone
(add-on)
Power BI Pro:
Live business analytics and
visualization
Delve Analytics:
Individual and team
effectiveness
Advanced Threat Protection:
Zero-day threat and malware
protection
Advanced Security
Management:
Enhanced visibility and control
Customer Lockbox:
Enhanced customer data access
controls
Advanced eDiscovery:
Identifying the relevant data
quickly
SECURITY
Advanced Enterprise
Protection
VOICE
Complete Cloud
Communication
ANALYTICS
Insights for Everyone
Exchange :
Business-class email & Calendar
OneDrive:
Cloud Storage and file sharing
SharePoint:
Team sites & internal portals
Skype for Business:
Online Meetings, IM, video chat
Microsoft Teams:
Chat-based Collaboration
Yammer:
Private social networking
Office Pro Plus:
Office apps on up to 5 PCs &
Macs
Mobile Office Apps:
Office Apps for Tablet &
Smartphones
APPS
Cloud Productivity &
Mobility
SERVICES
Rich Communication and
Collaboration
Office 365 E3
Office 365 E5
Enterprise Mobility & Security capabilities
Microsoft
Intune
Mobile device and app
management to protect corporate
apps and data on any device.
Managed Mobile Productivity
Microsoft Advanced Threat
Analytics
Identify suspicious activities &
advanced attacks on premises.
Microsoft
Cloud App Security
Bring enterprise-grade visibility,
control, and protection to your
cloud applications.
Identity Driven SecurityIdentity and access management
Azure Active Directory
Premium P1
Single sign-on to cloud and on-
premises applications. Basic
conditional access security
Azure Active Directory
Premium P2
Advanced risk based identity
protection with alerts, analysis, &
remediation.
Azure Information
Protection Premium P1
Encryption for all files and storage
locations. Cloud based file
tracking
Existing Azure RMS capabilities
Information Protection
Azure Information
Protection Premium P2
Intelligent classification, &
encryption for files shared inside &
outside your organization
Secure Islands acquisition
EM
S E3
EM
S E5
Mic
roso
ft 3
65
Modern
Productivity
Windows 10 Desktop
Office 365 Personal Productivity(Office suite, email, collaboration)
EMS Mobile Device Security(Window, IOS, Android)
Dynamics 365
Business Applications(CRM & ERP)
Azure Line of Business Apps
MICROSOFT 365 ENTERPRISE PLAN OVERVIEW
M365
E31
$32
M365
E51
$57
Office Applications Word, Excel, PowerPoint, OneNote, Access X X
Email & Calendar Outlook, Exchange X X
Chat-based Workspace Microsoft Teams X X
Voice, Video & Meetings Skype for Business
PSTN Conferencing, Cloud PBX
X X
X
Social & Internet Sharepoint & Yammer X X
Threat Protection Microsoft Advanced Threat Analytics, Windows Defender Antivirus, Device Guard
Windows Defender Advanced Threat Protection, Office 365 Advanced Threat Protection, O365 Threat Intelligence
X X
X
Identity & Access Management Azure Active Directory Plan 1, Windows Hello and Credential Guard
Azure Active Directory Plan 2
X X
X
Device & App Management Microsoft Intune X X
Information Protection Office 365 Data Loss Prevention, Windows Information Protection & BitLocker, Azure Information Protection Plan 1
Azure Information Protection Plan 2, Microsoft Cloud App Security, O365 Advanced Security Management
X X
X
Advanced Compliance Advanced eDiscovery, Customer Lockbox, Advanced Data Governance X
Analytics Delve
Power BI Pro, MyAnalytics
X X
X
Pricing is No Level –Final pricing may vary due to rounding and geo location
1Productivity Server Rights –SharePoint, Exchange and Skype for Business productivity server rights for ALL M365 customers (Hybrid Rights unavailable in CSPChannel).1Office Professional Plus – One copy of Office Professional Plus for each copy of From SA Full USL M365 purchased; enabled for the duration of their subscription and downgrade rights included.
Microsoft Internal & Partner Use Only
73
EMS
Our Commitment to Trust
Security. Compliance. Privacy.
Learn how we, as an industry leader in cloud productivity services, are continually taking steps to maintain your trust in Microsoft.
Our commitment to the area of trust is explained through the five pillars of the Trust Center.
http://www.Microsoft.com/trustcenter
Microsoft Trust Center
© Copyright Microsoft Corporation. All rights reserved.
76
KnowBe4 Security Awareness Training
and Phishing
Welcome!
Michelle Robinson
System Source
Learning Center Director
System Source and KnowBe4Partnering to deliver high quality training and phishing tests
About KnowBe4
World’s most popular integrated Security Awareness Training and Simulated Phishing platform
Training based on Kevin Mitnick’s 30+ year unique first-hand hacking experience (The Dark Side Hacker)
Gartner peer insights puts KnowBe4 at the top of the list for overall rating including:
• Product capabilities
• Customer experience
• Willingness to recommend
KnowBe4 Recognized by Gartner as a Leader
In the Magic Quadrant for Security Awareness Computer-
Based Training 2017
Gartner Magic Quadrant for Security Awareness Computer-Based Training, Joanna G.
Huisman, 26 October 2017 This graphic was published by Gartner, Inc. as part of a larger
research document and should be evaluated in the context of the entire document. The
Gartner document is available upon request from KnowBe4. Gartner does not endorse any
vendor, product or service depicted in its research publications, and does not advise
technology users to select only those vendors with the highest ratings or other designation.
Gartner research publications consist of the opinions of Gartner's research organization and
should not be construed as statements of fact. Gartner disclaims all warranties, expressed
or implied, with respect to this research, including any warranties of merchantability or
fitness for a particular purpose. GARTNER is a registered trademark and service mark of
Gartner, Inc. and/or its affiliates in the U.S. and internationally, and is used herein with
permission. All rights reserved.
Spear Phishing Example
Current Events
Recent phishing attempts focus on current events
Our ApproachBaseline Testing
We provide baseline testing to assess the Phish-prone percentage of your users through a free simulated phishing
attack.
Train Your Users
The world's largest library of security awareness training content; including interactive modules, videos, games, posters
and newsletters. Automated training campaigns with scheduled reminder emails.
Phish Your Users
Best-in-class, fully automated simulated phishing attacks, hundreds of templates with unlimited usage, and community
phishing templates.
See The Results
Enterprise-strength reporting, showing stats and graphs for both training and phishing, ready for management. Show the
great ROI!
Baseline Testing 4 templates for your free baseline phishing test
O365
Exchange
Gsuite
Network password
O365
Exchange
Training Modules
Kevin Mitnick Security Awareness Training –
15, 25 and 45 min
Description
This 15-minute module is an advanced,
condensed version of the full 45-minute training,
often assigned to management. It covers the
mechanisms of spam, phishing, spear-phishing,
spoofing, malware hidden in files, and Advanced
Persistent Threats.
Phish Your Users
700+ phishing templates
Dozens of categories
Customized landing pages
Automate/randomize templates
KnowBe4 Tracked Phish Prone Percentages
IndustryCompany Size Baseline 90 Day Maturity 1 Year Maturity
All Industries
Small (<250 Users) 30.1% 13.1% 1.9%
Medium (250-1000 Users) 28.5% 13.2% 2.2%
Large (1000+ Users) 25.1% 14.1% 3.0%
Banking
Small (<250 Users) 27.4% 10% 1.5%
Medium (250-1000 Users) 28.5% 9.1% 2.2%
Large (1000+ Users) 23.0% 14.5% 5.8%
Education
Small (<250 Users) 29.2% 16.9% 2.8%
Medium (250-1000 Users) 26.2% 17.2% 1.9%
Large (1000+ Users) 26.0% 22.6% 5.3%
Financial Services
Small (<250 Users) 27.4% 10% 1.5%
Medium (250-1000 Users) 28.5% 9.1% 2.2%
Large (1000+ Users) 23.0% 14.5% 5.8%
Government
Small (<250 Users) 29.3% 12.8% 1.9%
Medium (250-1000 Users) 25.1% 9.1% 1.5%
Large (1000+ Users) 20.8% 7.9% 1.5%
Healthcare & Pharmaceuticals
Small (<250 Users) 29.8% 16.8% 2.0%
Medium (250-1000 Users) 27.8% 11% 1.6%
Large (1000+ Users) 25.6% 15.8% 2.2%
0%
5%
10%
15%
20%
25%
Phis
h P
rone
%
Training Impact on Phish Prone Staff - 25-29 person sample
Training for
those failing
phishing tests
Medium Sized Business Snapshot of Phishing and Testing
Silver Level: Training Access Level I which includes the Kevin Mitnick Security Awareness Training in the full 45-minutemodule, the shortened 25-minute module, and the executive 15-minute version. In addition to unlimited Simulated PhishingTests and enterprise-strength reporting for the length of your subscription.Gold Level: Includes all Silver level features plus Training Access Level II which includes all 27+ KnowBe4 training modules.Gold also includes monthly Email Exposure Check (EEC) Reports and Vishing Security Test.• Email Exposure Check monthly reports show you which email addresses from your domain are exposed on the Internetand are a target for phishing attacks• Vishing Security Tests using IVR attacks over phone (available for U.S. and Canada)
Subscription Levels and Pricing
Evaluations & Door PrizesLearning Center Offer
Lunch
THANK YOU!