PQ-SPEAR is described as a 'Denial Technology' aiming to educate employees on the ever-increasing threats, but also deny attackers ability to gather necessary Personally Identifiable Information (PII) to launch successful social engineering campaigns.
Since business email use has grown over 300% during COVID, Enterprise and MSPs have increased security challenges ahead of them for 2021 to keep inboxes & enterprise data protected.
A recent Ponemon Institute Study of The Human Factor of Data Security surveyed security executives to detail top risk mitigation challenges as the following:
- Human error email and hardware mistakes
- Not having the right tools to prevent or respond to advanced attacks that are quickly climbing in frequency.
PiiQ Media established that attackers don’t always attach a sense of urgency while phishing. Instead, they attempt to gain trust with the individual target by playing the long game before deploying a particular exploit. It’s known successful attacks begin by bad actors gathering data on the target, across online channels. As this grows in frequency, the lack of useful threat awareness tools or training around these tailored tactics quickly became apparent. To successfully infiltrate thousands of organizations through their weakest point- the human’s exposed personally identifiable information (PII) cyber criminals contextualize the outreach, tailored uniquely to each user - this drives click propensity.
In fact, more than 91% of successful attacks and data breaches start with phishing scams, according to Dark Reading. More specifically, 80% of successful attacks are delivered through Spear Phishing, according to CSO online. While traditional responses attempt to block these relentless attacks, threat actors have embarked on creating more sophisticated, very personalized attack methods, which in turn have industrialized these attack vectors in both complexity and size.
PiiQ answered the market demand for a more effective security and advanced training simulation solution, and established disruptive exposed identity audit and training technology! Evaluating over 21+ social engineering risk markers, specific to each end user, PiiQ SPEAR is quickly becoming an industry change agent: As organizations work to move to more zero trust models, they need faster insights to empower decisions on information and system access based on inherent risk. PiiQ separates the workforce into risk modeling like never before!
PQ SPEAR seamlessly delivers 3 core security game changers.
- Automate publicly exposed open and dark web information for executives and employees, across all top social media channels, darkweb, and open source
- Syndicates into a tailored spear phishing simulation, truly unique to each under user and specific to their own exposed data that attackers would use to gain trust. (with complete automation at scale)
- Insight into a new level of security vulnerability to measure as a unique SPEAR Phishing penetration rate into human layer vulnerability has never been done at scale in any organization.
PQ-SPEAR is contextualized to each and every end-user, yet simple enough to deliver like any of the legacy “non personalized phishing training program solutions. We are delivering the most advanced attack simulations and awareness training solution available without creating any new work for the security teams - just solutions. This is a game changer.” - Aaron Barr, CTO and Co-Founder.
The SPEAR solution can be whitelabeled to scale for small to large partners or resellers and is an important addition to any evolving insider or security training awareness program for enterprise level organizations. The claim to ‘see what an attacker sees,’ has been made- however without merit. No other security or training awareness providers are delivering deep digital threat intelligence and technical exposures on each unique end user, at scale across open and dark web.
Partner inquiries here.
Enterprise inquiries here.
The PQ-SPEAR approach to end point and identity security is totally unique. The majority of existing simulation services only focus on sending more generic phishing emails such as a Zoom meeting request, a request to reset your password, or a COVID update email. These are intelligence tests, not security tests.
"We wanted to tackle this problem from an attacker's perspective. If we shut off the areas of PII that attackers exploit, then it reduces their overall success rate of attacks. That is our main goal. Since social media is fluid, the goal post is always moving. We have a lot of experience in this area, so channeling our expertise to create PQ-SPEAR drives significant value to our clients." - Darren Millar, SVP Operations.
PQ-SPEAR focuses on the information cyber attackers can collect in the reconnaissance and intelligence gathering phase of an attack. PQ-SPEAR then automatically frames and sends simulated emails to staff and executives based on the information collected about each individual. What this effectively means is that each member of your organization can receive a completely personalized spear phishing email created solely from their publicly accessible social media and open source information. As the publicly available content changes, so does the context of continued PQ-SPEAR simulations. See explainer video here.
The solution is customized to your staff's job descriptions and roles, knowledge-level, or industry compliance needs. As staff grows a deeper understanding of how to prevent PII exposures known to drive success on spear phishing emails, PiiQs automation evolves. People are the new perimeter. Help them become educated on understanding the impact of their digital footprint . . and how those sight lines benefit an attacker! For a free trial or more information on PQ-SPEAR and any of our other security and risk services, book a call with us today!