SecurityBrief Australia - Technology news for CISOs & cybersecurity decision-makers
Story image
Enex Carbon & PhishLine bring holistic security culture to APAC
Thu, 7th Sep 2017
FYI, this story is more than a year old

Two cybersecurity companies with strong ties to Asia Pacific are embarking on a partnership to provide what they call a comprehensive and holistic approach to cybersecurity culture and awareness.

US-based firm PhishLine and Australian firm Enex Carbon will combine security awareness expertise with turnkey solutions that fight cybercrime.

The two companies see major potential in the Asia Pacific market, particularly as ransomware attacks tend to hit the region hard. They state that WannaCry infected tens of thousands at its peak.

The two companies both have well-established presences in the region and believe they are primed to help enterprise businesses defend themselves from ransomware and other digital threats.

“To support any change activity, you need data. The partnership with PhishLine enables us to establish metrics that we can use to improve security culture across our current and future clients around the world,” comments Enex Carbon CEO Mark Jones.

Enex Carbon has also established itself in Asia Pacific and recently worked with Phishline to help improve an Australian bank's security stance and posture.

“Enex Carbon is an experienced player that understands what motivates employees to get behind a security culture. They know that humans are the critical link in any security solution and complement our data-driven approach nicely,” Mark T. Chapman, PhishLine president and CEO.

PhishLine has had extensive experience in the Hong Kong market. It helped several large financial institutions in the region implement information security programs.

The company also helped Hong Kong banks meet the requirements for the Cyber Resilience Assessment Framework guidelines that were established by the Hong Kong Monetary Authority.

By September 30 2017, approximately 30 Hong Kong Banks must meet the guidelines. According to PhishLine, the guidelines have three areas of focus on phishing and security awareness:

  • Cybersecurity training for bank employees—including cyber incident response, current cyber threats, such as phishing, spear phishing and social engineering, and emerging issues.
  • Training effectiveness for management—to ensure effectiveness of cyber resilience training for all levels of staff members.
  • Cybersecurity awareness training for management—to ensure that lessons learned from social engineering and phishing exercises are adequately included in cybersecurity awareness programs.

“With many Hong Kong banks already working with PhishLine to meet HKMA C-RAF requirements, PhishLine is positioned to play an essential role in the banking community's efforts to increase cybersecurity,” Chapman says.

“Our long history working with some of the world's largest banks and financial institutions uniquely qualifies us to serve the growing focus on security awareness in the Asian banking community.