Hopefully this puts the kibosh on the fantasy that anti-phishing training has any bearing on the security of an org, and that the combination of having multifactor auth plus password managers plus training users to trust the in-org tooling in matters of authentication instead of having to manage that themselves is, in fact, the correct way to manage your business.
https://mastodon.social/@hrheingold/112830616236145601
Fi, infosec-aspected /
npub1yh…tn7dy
2024-07-22 18:41:19
Author Public Key
npub1yh7qh8c7npgjestgtv23zvych4w824vdntjzc0axvdf0ns2pgp0q3tn7dyPublished at
2024-07-22 18:41:19Event JSON
{
"id": "9c9ec78090568718a2f8ffa4304efcc144e9b15cd34f1049e76ba0becc401b13",
"pubkey": "25fc0b9f1e98512cc1685b15113098bd5c75558d9ae42c3fa66352f9c141405e",
"created_at": 1721673679,
"kind": 1,
"tags": [
[
"proxy",
"https://infosec.exchange/users/munin/statuses/112831606233476432",
"activitypub"
]
],
"content": "Hopefully this puts the kibosh on the fantasy that anti-phishing training has any bearing on the security of an org, and that the combination of having multifactor auth plus password managers plus training users to trust the in-org tooling in matters of authentication instead of having to manage that themselves is, in fact, the correct way to manage your business. \n\nhttps://mastodon.social/@hrheingold/112830616236145601",
"sig": "597f86c99b5a9998000cfb6f9fd1716d3339747196ab6c634fcc980c2265a25bfcb0b27edafce74c5e49b74868a73c564b805b3226768395a81678c15792df7f"
}