Phishing attacks are becoming more sophisticated. Utilizing automation is key to keeping up with attacks since technology is capable of determining whether an attack is occurring internally or externally. Security teams should also conduct routine phishing tests to ensure everyone within an enterprise is up to date on the lasted schemes and is aware of how sophisticated attacks can be. Depending on who an organization’s top relationships are, it may be impossible for security teams to enforce controls on email and certain applications, making training initiatives even more crucial. Moderator James Morris and his participants further discussed what new phishing campaigns their businesses have been exposed to. What they found was that attacks are getting more personable, particularly in the form of spear phishing, which makes it easy for users to confuse phishing attempts with legitimate emails, especially those that look like “urgent messages” from your CEO.