Example KPIs % phishing emails delivered % phishing emails clicked % false positives % phishing emails reported Time-to-detect % false positives / negatives Time-to-assess Time-to-context Completeness of context Time-to-containment Time-to-removal Cost per incident Prevent Reduce the potential for initial compromise Detect See the threats that reach user inboxes Analyze Understand tradecraſt and threat context Mitigate Stop the attack and remove adversary presence Intelligence Flows Network Traffic Analysis The Defensive Framework for Spear Phishing A strategic, end-to-end model for managing and improving protection against spear phishing attacks Security Awareness Training Malware Analysis Payload Analysis Threat Intel Systems SIEM Forensics Content Filtering Security Analysts Incident Response Example Defenses Excerpted from “The CISOs Guide to Spear Phishing Defense” Read it at www.phishlabs.com
Transcript
Exam
ple
KPIs % phishing emails delivered
% phishing emails clicked% false positives
% phishing emails reportedTime-to-detect
% false positives / negatives
Time-to-assessTime-to-context
Completeness of context
Time-to-containmentTime-to-removalCost per incident
PreventReduce the potential for initial compromise
DetectSee the threats thatreach user inboxes
AnalyzeUnderstand tradecra� and
threat context
MitigateStop the attack and
remove adversary presence
Intelligence Flows
Network Tra�ic Analysis
The Defensive Framework for Spear PhishingA strategic, end-to-end model for managing and improving protection against spear phishing attacks
Excerpted from “The CISOs Guide to Spear Phishing Defense”Read it at www.phishlabs.com
PhishLabs is the leading provider of 24/7 cybersecurity services that protect against the exploitation of people to compromise systems and steal data. Top organizations worldwide, including 4 of the 5 largest U.S. financial institutions, trust PhishLabs. Our services combine proprietary technology, intelligence, and human expertise to rapidly detect, analyze, and stop targeted cyberattacks before they impact organizations. Additionally, PhishLabs provides robust threat intelligence that strengthens existing cyber defenses and optimizes threat prevention. Leading organizations partner with PhishLabs to more e�ectively disrupt targeted cyberattacks, prevent data breaches, and reduce online fraud.
Using the FrameworkStep 1: Take an inventory of current defenses
Step 2: Map defenses to the framework
Step 3: Define key outputs of each phase:DataIntelligenceReports
Step 4: Define measurable KPIs
Step 5: Assess and fill gaps in:Defensive layersKPI reportingIntelligence flows
