Webinar

PhishER/KSAT Webinar

Attended: 2/26/26



I attended a professional webinar hosted by KnowBe4 that focused on their product, PhishER. This product is designed to help administrators of organizations with mangeing user reported threats that are sent in via phishing attempts. During this session, the representative went through how companies handle the mass influx of phishing emails reported by employees, and how automated tools help admins manage and respond to these types of attacks. The webinar did a lot to bring attention to the human aspect of security, making it much more relevant to information studies. It provided clear, concise information on cybersecurity, including the management of user-submitted information, which could be used to inform threat mitigation decisions.

One of the topics that came up during the webinar was the shift away from technical controls and towards behavior-based security. Users are being asked to do their part more to report potential email threats, this has led to many reports and emails that need to be processed and addressed in a timely fashion. PhishER helps address the reports and make the reporting process less painful for users and less work for security teams to handle. As with most of the discussion for this webinar, it wasn’t so much about the product's features as about the concept of using automation to handle large volumes of information to aid in responding to security incidents more efficiently.


I learned that a security awareness program is more than just training. By engaging end users, we can turn them into highly valuable security information-gathering assets. It is quite fascinating to think of end users as network sensors, and the many ways they can be leveraged to gain visibility into the system and what is going on. Tools such as PhishER can help bridge the gap between people and technology by allowing technology to validate and make sense of the information users provide. This validation is critical to enabling us to act on the threat information we receive from our users.


From an information studies perspective, the webinar showed the full information lifecycle that occurs within a security informatics process. The user creates the initial primary source for the security informatics process when reporting what they consider to be suspicious emails. The system then classifies and prioritizes the user-entered data. Analysts would then use the information gained to inform their countermeasures. The user provides unstructured data in the form of reports on suspicious emails, and the system converts it into structured knowledge that the business can use to make risk management decisions. The presenters note that, with advancements in technology, cybersecurity is no longer just about preventing attacks, but also about the information we manage and the information systems we use when making important decisions.

I believe it is important to consider not only the technological side of risk management but also the information aspect. The webinar gave an overview of the technology stack to be aware of when considering the social risks associated with information technology. As a Cybersecurity professional, I would like to make sense of information generated by users, understand the technology behind the systems that process that information and the actions users take, and turn it into a useful, workable format.


This webinar has certainly aided my understanding of a modern organization’s approach to managing threats and how this fits within the broader scope of cybersecurity. Presently, cybersecurity is largely focused on managing human-generated data for use in information systems to generate business-informing information. This webinar was exemplary in showcasing how a combination of technology, human behavior and information handling methods can be used to not only demonstrate the learning of lessons from real world threats, but to actually generate the learning experiences of threats, which I will endeavor to use as a reference point in my journey towards becoming an information professional in cyber security, with information management holding an equal importance to information protection.