MD1 NIST lifecycle to a fishing attack scenario Flashcards
Vishing attack: how to respond?
Preparation: the planning and training proce
The organization takes action to ensure it has the correct tools and resources in place:
Set up uniform company email conventions
Create a collaborative, ethical environment where employees feel comfortable asking questions
Provide cybersecurity training on a quarterly basis
Vishing attack: how to respond?
Detection and analysis: the detect and assess process
Security professionals create processes to detect and assess incidents:
Identify signs of an incident
Filter external emails to flag messages containing attachments such as voicemails
Have an incident response plan to reference
Vishing attack: how to respond?
Containment, eradication, and recovery: the minimize and mitigate process
Security professionals and stakeholders collaborate to minimize the impact of the incident and mitigate any operational disruption.
Communicate with sender to confirm the origin of the voice message
Provide employees with an easy way to report and contain suspicious messages
Vishing attack: how to respond?
Post-incident activity: the learning process
New protocols, procedures, playbooks, etc. are implemented to help reduce any similar incidents in the future.
Update the playbook to highlight additional red flags employees should be aware of
Review processes and workflows related to permissions and adjust oversight of those permissions
