Software Supply Chains and Phishing Top Microsoft’s List of Greatest Cyberthreats

Stu Sjouwerman | Mar 15, 2019

Microsoft’s latest Security Intelligence Report highlights the trends seen in 2018 with phishing as the preferred attack method and supply chains as a primary attack target.

Supply Chains at Risk

Software supply chains are the perfect delivery mechanism for cybercriminals. If they can compromise the development or update process of a software supplier, they can get their malware installed down the chain on partner and customer networks with the same trust and permissions as the legitimate software.

The increase in software supply chain attacks seen by Microsoft indicates that all software manufacturers – from those making plug-ins and browser extensions to those building entire cloud-based software services – need to be vigilant now more than ever.

Phishing Still King

Microsoft saw a 250% rise in phishing attacks over the course of 2018, delivering malicious zero-day payloads to users. Microsoft admits that this rise has caused them to work to “harden against these attacks,” signaling that the attacks are becoming more sophisticated, evasive, and effective.

Microsoft sees phishing as a particularly troubling attack method because “it involves human decisions and judgement in the face of persistent efforts by cybercriminals to make victims fall for their lures.” Even Microsoft realizes that, despite best efforts with security software (including their own), some portion of phishing scams will always make its way to the user.

And that is the reason why users need to become a part of your organization’s security strategy. It’s only through creating a security culture and continuous Security Awareness Training that your organization is truly going to have a reasonable chance of never becoming a victim.

