I can't seem to vote, is that just me?
I would put my organanisation at the paranoid level. We have user, server and service levels plus the user can report anything that just happens to sneak through.
Also paranoid and hopefully will soon be adding a layer at the SaaS level so we can benefit from a certain cloud provider's machine learning across their services.
As always, I wanted to hit more than one button. There's a bit of SaaS, then some server & client protection, but still some stuff gets through & the user can report it
We operate on a classified network. If we get phishing emails, we have a bigger problem.
SIPR network
No kidding I can relate to that but we all have unclassified networks too... we have a report phishing button in outlook and also send users fake phishing emails to test and train them throughout the year.
I can relate to dealing with this as well... it's a LOT of work. I'm a TA as well so that's more stuff to deal with and more tokens and PIN's and all that goes with it.
Our organization has annual training that shows how to identify possible issues and confirm valid sources. Users can report suspicious email and links. Before the virus, it was standard. Now reminders and hints go out often to ensure users are aware of the increased activity.
As an employee I know I've received guidance and training about avoiding phishing attempts, but I don't know what "behind the scenes" actions our IT security division is taking.
Barracuda
