WELCOME! Office 365 – What Security Threats Worry You?

What do you hope to learn today?

Please take a moment to fill out the yellow cards.

Our presenters will review the cards to ensure that we cover the topics/areas of interest.

We will collect them before we get started.

Thanks!

Collect ‘Learn Today’ Cards

What do you hope to learn today?

Please take a moment to fill out the yellow cards.

Our presenters will review the cards to ensure that we cover the topics/areas of interest.

We will collect them before we get started.

Thanks! System Source & : System Source & Microsoft:

 Microsoft Certified Partner…since 1980’s  Silver – Learning Solutions  Train 6,000 students/year  Our Instructors rate 20% higher than Microsoft National Average Customer Satisfaction Scores.  Silver – Infrastructure

 1,000’s of Microsoft implementations  Small Business to Enterprise  Non-profit  Education What Security Threats Worry You? Stephen Deming Microsoft Partner Technology Strategist Challenges

2 billion records compromised in the last year

140+ days between infiltration and detection

87% of senior managers admit using personal accounts for work

45% of organizations lack data governance which leaves them open to litigation and data security risks

Ever-evolving industry standards across geographies

Attack kill chain Attack kill chain Attack kill chain and ATA Our Commitment to Trust Privacy

Customer is the owner of their data.

We do not mine customer data for advertising purposes.

Privacy controls enable you to configure your company privacy policies.

Microsoft advocates for data privacy on behalf of customers.

Microsoft safeguards customer data with strong contractual commitments. Transparency

Know where your data is stored.

Understand who has access your data and under what circumstances.

Monitor the state of your service, get historic view of uptime.

Integrate security events’ feeds into your company security dashboard.

Gain insight with access to service dashboards & operational reporting. Operational security

Safeguards to prevent unauthorized access and data loss

Physical security with 24-hour monitoring and multi-factor authentication

Admin background checks

Zero-standing access to data

Data encryption at-rest and in-transit

Red team / Blue team penetration testing and incident response practice

Product development using Security Development Lifecycle

Bug bounty program to identify vulnerabilities Safeguarding your data Managed apps

Identify, label, classify, set policies to help protect information.

Encrypt your data and restrict access using Azure Information Protection.

Safeguard information with Data Loss Prevention.

Get visibility into and improve your security position with Secure Score

Restrict unauthorized data sharing across apps with MAM.

Prevent data leaks with support for Windows Information Protection.

Manage data on devices through built-in MDM.

Securely communicate with customers using Message Encryption.

Personal apps Detect and protect against external threats

Block 100% of known malware and 99% of spam with Exchange Online Protection.

Provide zero-day protection against unknown malware in attachments and links with Advanced Threat Protection.

Providing actionable insights to global attack trends with Threat Intelligence.

Get alerts of suspicious behavior using Advanced Security Management.

Secure user accounts with Conditional Access and multi-factor authentication. Compliance

Meet compliance obligations for data access with Customer Lockbox.

Monitor and investigate events related to your data with full audit tracking.

Reduced cost and risk with in-place intelligent Advanced eDiscovery.

Efficiently perform risk assessment with Service Assurance.

Manage data retention with Advanced Data Governance. PROTECT DETECT across all endpoints, from using targeted signals, behavioral sensors to the datacenter monitoring, and machine learning

MICROSOFT’S SECURITY APPROACH

!

RESPOND closing the gap between discovery and action Security Tactics Security Tactics Identity Devices Apps & Data

Cloud apps Shadow IT SaaS Azure Employees Partners Customers Device breach Data breach Identity breach On-premises apps

Transition to New attack Current defenses cloud & mobility landscape not sufficient IDENTITY DRIVEN SECURITY Identity anchors our approach to security

Simple connection Windows

Other directories Self-service Single sign-on SaaS Azure

Public cloud

On-premises Active Directory Cloud Multi-factor authentication

Data encryption

User accounts

Device log-ins Malware Unauthorized data access

Attacks

User log-ins

Phishing Denial of service

System updates Enterprise security Our unique intelligence

450B

1B

200B Security Tactics Security Tactics Global, hyper-scale, enterprise-grade infrastructure

Enterprise reliability via 100+ data centers and Microsoft’s global network edge

Compliance leadership with standards including ISO 27001, FISMA, and EU Model Clauses

No standing access to data, transparent operational model, and financial-backed 99.9% SLA

Secure by design, operationalized at the physical, logical, and data layers United Kingdom Japan Key certifications CSA CCM CSA CCM ENISA IAF CS Mark (Gold) EU Model Clauses FISC Spain ISO/IEC 27001, 27018 ISO/IEC 27001, 27018 CSA CCM NIST 800-171 Japan My Number Act ENISA IAF SOC 1, 2, 3 SOC 1, 2 EU Model Clauses UK G-Cloud EU-U.S. Privacy Shield ISO/IEC 27001, 27018 SOC 1, 2 Over 1000 controls in the Office 365 compliance Spain ENS Singapore framework enable us to stay up to date with the LOPD CSA CCM ISO/IEC 27001, 27018 ever-evolving industry standards across MTCS geographies. SOC 1, 2

Trust Microsoft’s verified services. Microsoft is China China GB 18030 regularly audited, submits self-assessments to China MLPS independent 3rd party auditors, and holds key China TRUCS certifications.

United States CJIS CSA CCM DISA FDA CFR Title 21 Part 11 FEDRAMP FERPA FIPS 140-2 FISMA HIPPA/HITECH HITRUST IRS 1075 European Union ISO/IEC 27001, 27018 Argentina CSA CCM MARS-E Argentina PDPA ENISA IAF Australia New Zealand NIST 800-171 CSA CCM EU Model Clauses CSA CCM CSA CCM Section 508 VPATs IRAP (CCSL) EU-U.S. Privacy Shield IRAP (CCSL) ISO/IEC 27001, 27018 SOC 1, 2 ISO/IEC 27001, 27018 ISO/IEC 27001, 27018 ISO/IEC 27001, 27018 NZCC Framework SOC 1, 2 SOC 1, 2, SOC 1, 2 SOC 1, 2 Providing clarity and consistency for the protection of personal data

The General Data Protection Enhanced personal privacy rights Regulation (GDPR) imposes new rules on organizations in the European Increased duty for protecting data Union (EU) and those that offer goods and services to in the EU, or that Mandatory breach reporting collect and analyze data tied to EU residents, no matter where they are located. Significant penalties for non-compliance

Microsoft believes the GDPR is an important step forward for clarifying and enabling individual privacy rights Global Data Protection Regulation (GDPR) What it is and how Microsoft is preparing for GDPR

GDPR is a global regulation that you will have to abide by starting May 2018

Microsoft is doing 3 different things to prepare for GDPR

Customer outreach Engineering Government affairs

We have many customer controls already available within Office that will help you stay GDPR compliant including controlling access and protecting personal data features. The most secure Windows ever

XP Vista 7 8 8.1 10 2001 2007 2009 2012 2013 2015 Breach detection Device Threat Identity Information protection resistance protection protection investigation & response

PRE-BREACH POST-BREACH Breach detection Device Threat Identity Information protection resistance protection protection investigation & response

PRE-BREACH POST-BREACH When is more needed?

Executive, management, or financial roles

Access, process or store highly- sensitive customer data

Regulated industries including publicly listed companies

In-house or IP development Breach detection Device Threat Identity Information protection resistance protection protection investigation & response

PRE-BREACH POST-BREACH Microsoft Security: Defense in Depth

• Trusted Boot • Windows Hello • Information Protection • Credential Guard • Device Guard • Advanced Threat Protection Microsoft Security: Defense in Depth

Windows 10 • Multifactor Authentication • Anti-Spam / Anti-Malware Office 365 • Data Loss Prevention • Advanced Threat Protection Microsoft Security: Defense in Depth

Windows 10 • Azure Active Directory Premium • Azure Information Office 365 Protection • Microsoft Intune Enterprise Mobility + • Advanced Threat Analytics Security • Cloud App Security Breach detection Device Threat Identity Information protection resistance protection protection investigation & response

PRE-BREACH POST-BREACH Breach detection Device Threat Identity Information protection resistance protection protection investigation & response

PRE-BREACH POST-BREACH 46 Windows 10

Windows Hello (Screens simulated, subject to change)

1. Fast and password-free. With Windows Hello,* you can sign into your Windows devices, compatible apps and sites 3 times faster1 than a password that you have to remember and type in and worry about keeping secure. Windows Hello uses your face, fingerprint, or a Windows Hello companion device† to recognize you instantly. You can always keep your PIN as a backup if you choose.

2. More secure than a password. Get better protection when you unlock your device with a look or a touch. Windows Hello uses biometric sensors to recognize you apart from all others. Windows Hello* requires two or more factors of user validation, such as biometrics and your device, to set up the credentials you will use for authentication.

3. Tamper-proof credentials. Your device’s Trusted Platform Module (TPM) hardware protects and isolates your Windows credential from the rest of the operating system, helping to thwart malware and advanced attacks. Windows Hello* is fundamentally immune to phishing and safer from data center breaches because the authentication factors and Windows Hello credential are physically separate. Even if you enter your PIN on a malicious website, an attacker will not be successful unless they also have your device.

4. Unlock your online world. Get rid of passwords. Windows Hello* works with Office 3652 and other Microsoft services, Azure apps2 like Dynamics CRM2 and compatible apps like Dropbox.2 It can wave you into compatible websites too, as long as you're using .** Site sign- ins are fast and password-free, with strong security that protects your identity in a way that a password never could.

5. Your companion devices unlock your PC. Windows Hello* lets you use , and other Windows Hello companion devices to quickly unlock your Windows PC without using a password.3 Companion devices† know who you are and give you another choice for quick, secured sign-ins that can meet some of the strictest regulatory compliance standards. * To use Windows Hello with biometrics specialized hardware, including fingerprint reader, illuminated IR sensor, or other biometric sensors is required. Hardware based protection of the Windows Hello credential/keys requires TPM 1.2 or greater; if no TPM exists or is configured, credentials/keys protection will be software-based. ** Limited to compatible websites and apps. † Companion devices must be paired with Windows 10 PC’s via Bluetooth. To use a Windows Hello companion device that enables the user to roam with their Windows Hello credentials requires Pro or Enterprise edition on the Windows 10 PC being signed into. 1Based on average time comparison between typing a password respectively detecting a face or fingerprint to authentication success 2Sold separately 3Available for select premium phones and selected . Requires PC and phone to be joined in Azure Active Directory or Active Directory and paired via Bluetooth. 47 Windows 10 Enterprise

Credential Guard

1. Protect identities from the impact of a full system compromise. One of several identity protection layers in Windows 10, Credential Guard helps protect the user access tokens (derived credentials) that are generated once users have been authenticated. Protection of these tokens is critical to prevent Pass the Hash attacks, which is the go-to tactic for nearly all major network breaches. Credential Guard stores the tokens within a virtualization- based security (VBS) environment running on top of Hyper-V technology. This helps prevent attackers from extracting the tokens from devices, even when the Windows kernel itself has been fully compromised. Credential Guard is designed so that malware running in the operating system, even with the highest privilege level, can‘t access user related access tokens.

2. Hardware-level security. Credential Guard uses hardware-based virtualization and Hyper-V to host Windows 10 security credentials and isolate them from malware. Hardware based isolation prevents attackers, even with the highest level of Windows privilege, from accessing user related access tokens.

3. Easy Manageability. Credential Guard can be enabled using making it easy and (Screen simulated, subject to change) familiar for your IT staff to administer using the existing management tools they have in place.

• Azure Active Directory Premium

Company branded, personalized application Access Panel: http://myapps.microsoft.com + iOS and Android Mobile Apps Integrated Office 365 app launching

Manage your account, apps and groups Self-service password reset

Application access requests 49 Windows 10 Enterprise E5

Windows Defender Advanced Threat Protection (ATP)

1. Built into Windows, cloud-powered. Windows Defender Advanced Threat Protection (ATP) is powered by behavioral sensors built into Windows 10 and a cloud back-end. No additional deployment is required, and the service can be switched on through configuration. Running alongside any anti-virus (AV) solution, Windows Defender ATP is continuously up-to- date, and can help lower costs. 2. Behavior-based, post-breach detection. Windows Defender Advanced Threat Protection (ATP) detects attacks that have made it past all other defenses, based on behaviors. Windows Defender ATP uses real-time as well as historic information to identify attacks, and provides actionable alerts for known and unknown adversaries. 3. Rich timeline for investigation. Windows Defender Advanced Threat Protection gives you an easy way to investigate the scope of a breach or suspect behaviors through a rich machine timeline, for all machines enrolled to the service. Gain additional deep analyses for files and URLs by using its detonation service. 4. Unique threat intelligence knowledge base. Unparalleled threat optics combine first and third party threat intelligence data to (Screen simulated, subject to change) provide actor details and intent context for threat detection. Breach detection Device Threat Identity Information protection resistance protection protection investigation & response

PRE-BREACH POST-BREACH 51 Windows 10

Windows trusted boot

1. Get complete control from the start. Windows trusted boot on Windows 10 is built on top of a security standard developed by members of the PC industry to help make sure that your PC boots using only trusted software. When the PC starts, the device's firmware and then Windows itself validate each boot-related component, avoiding headaches caused by malware that can load before the OS boot process has begun or within it.

2. Nip threats in the bud. Windows 10 closes off the pathways that allow malware to hide by ensuring that the devices firmware and operating system have integrity and start before malware can.

3. Enjoy continuous enterprise-grade security for your peace of mind. Once Windows is started by the device's firmware, Windows Trusted Boot can help ensure that the Windows system core starts with integrity every time, working to defend you against modern threats. If anomalies are detected, Windows Trusted Boot will self-remediate and restore the Windows operating system's boot integrity. (Screens simulated, subject to change; Some apps sold separately, availability may vary). 52 Windows 10 Enterprise

Device Guard

1. Eliminate malware. Help secure your environment and prevent untrusted apps and code from running by using the ultimate form of app control. Using virtualization-based security, the Device Guard feature in Windows 10 offers a solution more powerful than traditional app control products, providing rigorous protection from tampering and bypass.

2. Hardware rooted app control. Device Guard uses virtualization-based security to isolate and help protect Device Guard features, such as the Hyper-V Code Integrity Service (HVCI), from malware and attacks, even if Windows itself has been compromised. HVCI enables Device Guard to help protect kernel mode processes from in-memory attacks, giving you a strong defense against zero-day exploits.

3. Only run trusted apps. Device Guard helps enable your IT department to decide which software vendors and apps can be trusted within your environment. IT can designate as trustworthy the right combination of apps for your organization, from internal line-of-business apps to everything from the Windows Store to apps from specific software vendors. Device Guard works with Windows Classic apps and Universal Windows Platform apps, and it includes tools that make it easy to sign your existing apps.

(Screens simulated, subject to change. Office 365 subscription required for some features ) Advanced Threat Protection

Time-of-click protection against malicious URLs URL reputation checks along with detonation of attachments at destination URLs.

Zero-day protection against malicious attachments Attachments with unknown virus signatures are assessed using behavioral analysis.

Critical insights into external threats Rich reporting and tracking features provide critical insights into the targets and categories of attacks.

Integrated across apps & services Protection across Exchange Online, SharePoint Online, OneDrive for Business, and Office apps.

Intelligence sharing with devices Integration with Windows Advanced Threat Protection to correlate data across users and devices. Breach detection Device Threat Identity Information protection resistance protection protection investigation & response

PRE-BREACH POST-BREACH 55 Windows 10 Pro

BitLocker

• Keep your peace of mind, even with a lost or stolen device.

• BitLocker and BitLocker to Go encrypt your data on your device and even on your USB drive, so you’re more protected.*

(Screen simulated, subject to change) *Requires TPM 1.2 or greater for TPM based key protection. 56 Windows 10 Pro

Windows Information Protection

1. Separate personal and professional data. Windows Information Protection* (WIP) helps IT and users prevent accidental leaks by separating personal and business data. WIP allows IT administrators to apply rules to control how business data can be used. WIP recognizes business data as it arrives on devices, is generated by business applications, or when it is designated as business data by the user.

2. User and app access control. Windows Information Protection* (WIP) enables IT to set policies that define which applications and users are authorized to access business data. WIP also enables IT to define which rights a user has, allowing IT to either help block leaks or, optionally, help warn the user before content is copied to unauthorized websites and personal documents. Plus, WIP helps protect business data that is placed on removable storage by ensuring all business data is encrypted and accessible only by authorized users.

3. Provides greater IT control with a seamless experience for users. With Windows Information Protection* (WIP) in Windows 10 Pro and Enterprise editions, business data protection takes place completely behind the scenes, only notifying users when they’re attempting to take an unauthorized action. Your IT team has full control of keys and protected data, making it easy to perform a remote wipe of business data on demand while leaving personal data untouched. (Screen simulated, subject to change)

*WIP requires either Mobile Device Management (MDM) or System Center Configuration Manager to manage settings. Active Directory makes management easier, but is not required. Breach detection Device Threat Identity Information protection resistance protection protection investigation & response

PRE-BREACH POST-BREACH Archive with Advanced eDiscovery

Identify relevant documents Predictive coding enables you to train the system to automatically distinguish between likely relevant and non-relevant documents.

Identify data relationships Use clustering technology to look at documents in context and identify relationships between them.

Organize and reduce the data prior to review Use near duplicate detection to organize the data and reconstruct email threads from unstructured data to reduce what’s sent to review. Data Loss Prevention

New DLP sensitive information types added to Exchange

PolicyTips added to Excel and other Office applications

DLP capabilities extended to include documents in SharePoint Rights Protected Email Rights Protected Office Documents Advanced Data Governance

Leverage intelligence to automate data retention

Classify data based on age, type, user, or sensitivity

Policy recommendations based on machine learning

Apply actions to preserve high value data

Purge redundant, obsolete, and trivial data Customer Lockbox

Meet Compliance Needs Customer Lockbox can help customers meet compliance obligations by demonstrating that they have procedures in place for explicit data access authorization.

Extended access Control Use Customer Lockbox to control access to customer content for service operations.

Visibility into actions Actions taken by Microsoft engineers in response to Customer Lockbox requests are logged and accessible via the Management Activity API and the Security and Compliance Center. Windows 10 Enterprise capabilities

The most trusted platform More productive More personal The most versatile devices

Enterprise Data Protection Azure Active Directory Join User Experience Virtualization (UX-V) Windows 10 for Industry Devices Prevent accidental leaks by separating Streamline IT process by harnessing the OS and app settings synchronized across Turn any inexpensive, off-the-shelf personal and business data power of the cloud Windows instances device, into an embedded, handheld, or

E3 kiosk experience Windows Hello for Business MDM enablement Granular UX Control Enterprise grade biometric and Manage all of your devices with the Enterprise control over user experience

companion device login simplicity of MDM E5

Credential Guard Windows Store for Business, Protects user access tokens in a Private Catalog hardware-isolated container Create a curated store experience for employee self-service AppLocker Block unwanted and inappropriate Application Virtualization (App-V) apps from running Simplify app delivery and management

Device Guard Management Windows Windows 10Enterprise Device locked down to only run fully Create, personalize, and manage Cortana

trusted apps profiles through Azure Active Directory Windows Windows 10Enterprise Advanced Threat Protection Behavior-based, attack detection Built-in threat intelligence Forensic investigation and mitigation Built into Windows Office 365 Enterprise capabilities

APPS SERVICES SECURITY ANALYTICS VOICE Cloud Productivity & Rich Communication and Advanced Enterprise Complete Cloud Insights for Everyone Mobility Collaboration Protection Communication

Office Pro Plus: Exchange : Advanced Threat Protection: Power BI Pro: PSTN Conferencing: Business-class email & Zero-day threat and malware Live business analytics and Worldwide dial-in for your Office apps on up to 5 PCs & protection visualization online meetings Macs OneDrive: Cloud Storage and file sharing Advanced Security Delve Analytics: Cloud PBX: Mobile Office Apps: Management: Individual and team Business phone system in the SharePoint: Office Apps for Tablet & Enhanced visibility and control effectiveness cloud Team sites & internal portals Smartphones Customer Lockbox: PSTN Calling: for Business: Enhanced customer data access Cost effective cloud based dial Online Meetings, IM, video chat controls tone Microsoft Teams: (add-on) Advanced eDiscovery: Chat-based Collaboration Identifying the relevant data : quickly Private social networking

Office 365 E3 Office 365 E5 Enterprise Mobility & Security capabilities

Identity and access management Identity Driven Security Managed Mobile Productivity Information Protection

Azure Active Directory Microsoft Advanced Threat Microsoft Azure Information Premium P1 Analytics Intune Protection Premium P1

E3 Single sign-on to cloud and on- Identify suspicious activities & Mobile device and app Encryption for all files and storage premises applications. Basic advanced attacks on premises. management to protect corporate locations. Cloud based file

conditional access security apps and data on any device. tracking EMS EMS

Existing Azure RMS capabilities E5

EMS EMS Azure Active Directory Microsoft Azure Information Premium P2 Cloud App Security Protection Premium P2

Advanced risk based identity Bring enterprise-grade visibility, Intelligent classification, & protection with alerts, analysis, & control, and protection to your encryption for files shared inside & remediation. cloud applications. outside your organization

Secure Islands acquisition Productivity Modern

Microsoft 365 Windows10 Office 365 Dynamics Azure EMS 365 Line of Business Apps of BusinessLine (CRM & ERP) ApplicationsBusiness (Window, IOS, Android) DeviceMobile Security (Office suite,email,collaboration) PersonalProductivity Desktop 73 ENTERPRISE PLAN OVERVIEW

M365 M365 EMS E31 E51 $32 $57 Office Applications Word, Excel, PowerPoint, OneNote, Access X X Email & Calendar Outlook, Exchange X X Chat-based Workspace Microsoft Teams X X Voice, Video & Meetings Skype for Business X X PSTN Conferencing, Cloud PBX X

Social & Internet Sharepoint & Yammer X X Threat Protection Microsoft Advanced Threat Analytics, Windows Defender Antivirus, Device Guard X X Windows Defender Advanced Threat Protection, Office 365 Advanced Threat Protection, O365 Threat Intelligence X

Identity & Access Management Azure Active Directory Plan 1, Windows Hello and Credential Guard X X Azure Active Directory Plan 2 X

Device & App Management Microsoft Intune X X Information Protection Office 365 Data Loss Prevention, Windows Information Protection & BitLocker, Azure Information Protection Plan 1 X X Azure Information Protection Plan 2, Microsoft Cloud App Security, O365 Advanced Security Management X Advanced Compliance Advanced eDiscovery, Customer Lockbox, Advanced Data Governance X Analytics Delve X X Power BI Pro, MyAnalytics X

1Productivity Server Rights –SharePoint, Exchange and Skype for Business productivity server rights for ALL M365 customers (Hybrid Rights unavailable in CSP Channel). 1Office Professional Plus – One copy of Office Professional Plus for each copy of From SA Full USL M365 purchased; enabled for the duration of their subscription and downgrade rights included. Pricing is No Level –Final pricing may vary due to rounding and geo location Microsoft Internal & Partner Use Only Our Commitment to Trust Microsoft Trust Center

Security. Compliance. Privacy. Learn how we, as an industry leader in cloud productivity services, are continually taking steps to maintain your trust in Microsoft.

Our commitment to the area of trust is explained through the five pillars of the Trust Center.

http://www.Microsoft.com/trustcenter © Copyright Microsoft Corporation. All rights reserved. 76 Welcome!

KnowBe4 Security Awareness Training and Phishing

Michelle Robinson System Source Learning Center Director System Source and KnowBe4 Partnering to deliver high quality training and phishing tests

About KnowBe4

World’s most popular integrated Security Awareness Training and Simulated Phishing platform Training based on Kevin Mitnick’s 30+ year unique first-hand hacking experience (The Dark Side Hacker)

Gartner peer insights puts KnowBe4 at the top of the list for overall rating including: • Product capabilities

• Customer experience

• Willingness to recommend KnowBe4 Recognized by Gartner as a Leader In the Magic Quadrant for Security Awareness Computer- Based Training 2017

Gartner Magic Quadrant for Security Awareness Computer-Based Training, Joanna G. Huisman, 26 October 2017 This graphic was published by Gartner, Inc. as part of a larger research document and should be evaluated in the context of the entire document. The Gartner document is available upon request from KnowBe4. Gartner does not endorse any vendor, product or service depicted in its research publications, and does not advise technology users to select only those vendors with the highest ratings or other designation. Gartner research publications consist of the opinions of Gartner's research organization and should not be construed as statements of fact. Gartner disclaims all warranties, expressed or implied, with respect to this research, including any warranties of merchantability or fitness for a particular purpose. GARTNER is a registered trademark and service mark of Gartner, Inc. and/or its affiliates in the U.S. and internationally, and is used herein with permission. All rights reserved. Spear Phishing Example Current Events

Recent phishing attempts focus on current events Our Approach

Baseline Testing We provide baseline testing to assess the Phish-prone percentage of your users through a free simulated phishing attack.

Train Your Users The world's largest library of security awareness training content; including interactive modules, videos, games, posters and newsletters. Automated training campaigns with scheduled reminder emails.

Phish Your Users Best-in-class, fully automated simulated phishing attacks, hundreds of templates with unlimited usage, and community phishing templates.

See The Results Enterprise-strength reporting, showing stats and graphs for both training and phishing, ready for management. Show the great ROI! Baseline Testing

 4 templates for your free baseline phishing test  O365  Exchange  Gsuite  Network password O365 Exchange Training Modules

Kevin Mitnick Security Awareness Training – 15, 25 and 45 min

Description This 15-minute module is an advanced, condensed version of the full 45-minute training, often assigned to management. It covers the mechanisms of spam, phishing, spear-phishing, spoofing, malware hidden in files, and Advanced Persistent Threats. Phish Your Users

700+ phishing templates

Dozens of categories

Customized landing pages

Automate/randomize templates KnowBe4 Tracked Phish Prone Percentages

Company Size Baseline 90 Day Maturity 1 Year Maturity Industry

Small (<250 Users) 30.1% 13.1% 1.9% All Industries Medium (250-1000 Users) 28.5% 13.2% 2.2% Large (1000+ Users) 25.1% 14.1% 3.0% Small (<250 Users) 27.4% 10% 1.5% Banking Medium (250-1000 Users) 28.5% 9.1% 2.2% Large (1000+ Users) 23.0% 14.5% 5.8% Small (<250 Users) 29.2% 16.9% 2.8% Education Medium (250-1000 Users) 26.2% 17.2% 1.9% Large (1000+ Users) 26.0% 22.6% 5.3% Small (<250 Users) 27.4% 10% 1.5% Financial Services Medium (250-1000 Users) 28.5% 9.1% 2.2% Large (1000+ Users) 23.0% 14.5% 5.8% Small (<250 Users) 29.3% 12.8% 1.9% Government Medium (250-1000 Users) 25.1% 9.1% 1.5% Large (1000+ Users) 20.8% 7.9% 1.5% Small (<250 Users) 29.8% 16.8% 2.0% Medium (250-1000 Users) 27.8% 11% 1.6% Healthcare & Pharmaceuticals Large (1000+ Users) 25.6% 15.8% 2.2%

25% Training Impact on Phish Prone Staff - 25-29 person sample

Training for 20% those failing phishing tests

15% Phish Prone Prone Phish% 10%

5%

0% Medium Sized Business Snapshot of Phishing and Testing Silver Level: Training Access Level I which includes the Kevin Mitnick Security Awareness Training in the full 45-minute module, the shortened 25-minute module, and the executive 15- minute version. In addition to unlimited Simulated Phishing Tests and enterprise-strength reporting for the length of your subscription. Gold Level: Includes all Silver level features plus Training Access Level II which includes all 27+ KnowBe4 training modules. Gold also includes monthly Email Exposure Check (EEC) Reports and Vishing Security Test. • Email Exposure Check monthly reports show you which email addresses from your domain are exposed on the Internet and are a target for phishing attacks • Vishing Security Tests using IVR attacks over phone (available for U.S. and Canada) Subscription Levels and Pricing Evaluations & Door Prizes Learning Center Offer Lunch

THANK YOU!