3 votes
A company has gone through a round of phishing attacks. More than 200 users have had their workstation infected because they clicked on a link in an email. An incident analysis has determined an executable ran and compromised the administrator account on each workstation. Management is demanding the information security team prevent this from happening again.

Which of the following would BEST prevent this from happening again?

A. Antivirus
B. Patch management
C. Log monitoring
D. Application whitelisting
E. Awareness training

by User Melek (8.8k points)

1 Answer

5 votes

Final answer:

Awareness training

The best way to prevent future phishing attacks similar to the one experienced by the company is through Awareness training, which educates users on how to identify and avoid suspicious emails.

Other security measures have their merits but do not address the fundamental issue of user behavior, which is the primary vector for such attacks.

Step-by-step explanation:

The best measure to prevent a recurrence of the phishing attack that infected over 200 workstations would be E. Awareness training. While antivirus software and patch management are important layers of defense, they cannot always prevent users from clicking on malicious links.

Log monitoring is reactive, helping to detect breaches after they have occurred, but does not prevent the initial user error. Additionally, application whitelisting can be effective but could still allow an executable to run if it masquerades as a whitelisted application.

Awareness training directly addresses the root cause of the breach: users clicking on phishing links. By educating them to be critical readers of every email they receive, you can empower users to recognize and avoid phishing attempts.

Regular training, along with simulated phishing tests, has been shown to significantly reduce the risk of successful attacks, as users learn to identify and report suspicious emails.

As an expert opinion on mitigation strategies, increased user education is paramount, including more robust training and best practices for digital security.

Additionally, ensuring that users understand the importance of not sharing sensitive information and recognizing social engineering tactics is critical to an organization's security posture.

by User Michal Rosenbaum (7.5k points)
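
Whether an executable can pass as a whitelisted application, as the answer above mentions, depends on what the allowlist rule matches on. The following is an added illustration, not part of the original question or answer: it compares name, path and hash rules on the same launch events, and the policy values, paths and file contents are all constructed.

```python
import hashlib
from pathlib import PureWindowsPath

# Constructed stand-ins for file contents; no real binaries are involved.
APPROVED = b"constructed bytes of the approved updater build"
UNAPPROVED = b"constructed bytes of an executable saved from an email link"

def sha256(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()

# Hypothetical policy: three ways to say "updater.exe is allowed".
ALLOWED_NAMES = {"updater.exe"}
ALLOWED_DIR = PureWindowsPath(r"C:\Program Files\Corp")  # assumed admin-write only
ALLOWED_HASHES = {sha256(APPROVED)}

def name_rule(path: str) -> bool:
    # Trusts whatever the file is called.
    return PureWindowsPath(path).name.lower() in ALLOWED_NAMES

def path_rule(path: str) -> bool:
    # Trusts the install location; refuses ".." so the check cannot be sidestepped.
    p = PureWindowsPath(path)
    return ".." not in p.parts and ALLOWED_DIR in p.parents

def hash_rule(content: bytes) -> bool:
    # Trusts only the exact bytes that were approved.
    return sha256(content) in ALLOWED_HASHES

def evaluate(path: str, content: bytes) -> dict:
    return {"name": name_rule(path), "path": path_rule(path), "hash": hash_rule(content)}

# Constructed launch events: (path, file content).
LAUNCHES = [
    (r"C:\Program Files\Corp\updater.exe", APPROVED),
    (r"C:\Users\alice\Downloads\invoice.exe", UNAPPROVED),
    (r"C:\Users\alice\Downloads\updater.exe", UNAPPROVED),
]

def name_only_gaps(launches):
    """Paths a name rule would allow although the path and hash rules deny them."""
    gaps = []
    for path, content in launches:
        result = evaluate(path, content)
        if result["name"] and not (result["path"] or result["hash"]):
            gaps.append(path)
    return gaps

if __name__ == "__main__":
    for path, content in LAUNCHES:
        print(path, evaluate(path, content))
    print("name-only gaps:", name_only_gaps(LAUNCHES))
```

Only the name rule accepts the third event; the path and hash rules deny it because the file is neither in the protected directory nor byte-identical to the approved build.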