Chaos and Order

Chaos and Order https://www.youngju.dev/blog 천천히 올바르게. AI Researcher & DevOps Engineer Youngju's tech blog. GPU/CUDA, LLM, MLOps, Kubernetes AI workloads, distributed training, and data engineering. ko fjvbn2003@gmail.com (Youngju Kim) fjvbn2003@gmail.com (Youngju Kim) Sat, 16 May 2026 00:00:00 GMT https://www.youngju.dev/blog/culture/2026-05-16-ai-phishing-simulation-security-awareness-2026-knowbe4-hoxhunt-cofense-proofpoint-infosec-iq-mimecast-sophos-phish-threat-deep-dive.en AI Phishing Simulation & Security Awareness Training 2026 Deep Dive — KnowBe4, Hoxhunt, Cofense, Proofpoint Security Awareness, Infosec IQ, Mimecast Awareness, Sophos Phish Threat, NINJIO, CybSafe, Living Security https://www.youngju.dev/blog/culture/2026-05-16-ai-phishing-simulation-security-awareness-2026-knowbe4-hoxhunt-cofense-proofpoint-infosec-iq-mimecast-sophos-phish-threat-deep-dive.en Security awareness training in 2026 is no longer "send fake emails and measure click rates." GenAI has slashed the attackers attack cost, and KnowBe4, Hoxhunt, Cofense, Proofpoint, Infosec IQ, Mimecast, Sophos Phish Threat, NINJIO, CybSafe, and Living Security now arm themselves with AI-generated lures, real-time behavioral analytics, and deepfake voice/video vishing simulations. The February 2024 Arup 25M USD deepfake video-call incident, September 2023 MGM Resorts vishing, August 2022 Twilio SMS phishing, the Lapsus group MFA fatigue attacks — the fact that humans remain the weakest link has not changed in 30 years; what is new is that the attackers toolkit now runs on GPT-4, Claude, and ElevenLabs. This guide walks through KnowBe4 PhishER, Hoxhunt adaptive training, Cofense Triage, Proofpoint Closed-Loop Email Analysis, the GoPhish open source stack, the NIST Phish Scale, NIS2/PCI DSS 4.0/ISMS-P/APPI compliance, Korean KISA and FSI national exercises, Japanese NRI Secure / TrendMicro / IERAE — in one continuous arc. 22 H2 chapters with 80-plus real incidents, tools, and reference URLs. Sat, 16 May 2026 00:00:00 GMT fjvbn2003@gmail.com (Youngju Kim) phishing-simulationsecurity-awarenessknowbe4hoxhuntcofenseproofpoint-awarenessinfosec-iqmimecast-awarenesssophos-phish-threatninjiocybsafeenglish https://www.youngju.dev/blog/culture/2026-05-16-ai-phishing-simulation-security-awareness-2026-knowbe4-hoxhunt-cofense-proofpoint-infosec-iq-mimecast-sophos-phish-threat-deep-dive.ja AIフィッシングシミュレーション & セキュリティ意識向上トレーニング 2026 完全ガイド - KnowBe4 · Hoxhunt · Cofense · Proofpoint Security Awareness · Infosec IQ · Mimecast Awareness · Sophos Phish Threat · NINJIO · CybSafe · Living Security 徹底分析 https://www.youngju.dev/blog/culture/2026-05-16-ai-phishing-simulation-security-awareness-2026-knowbe4-hoxhunt-cofense-proofpoint-infosec-iq-mimecast-sophos-phish-threat-deep-dive.ja 2026年のセキュリティ意識向上トレーニングは「従業員に偽メールを送ってクリック率を測る」だけの作業ではなくなった。GenAIが攻撃者側の参入コストを一気に下げた結果、KnowBe4・Hoxhunt・Cofense・Proofpoint・Infosec IQ・Mimecast・Sophos Phish Threat・NINJIO・CybSafe・Living Securityが同時にAI生成のおとり・リアルタイム行動分析・ディープフェイク音声/動画ビッシングシミュレーションで武装した。2024年2月のArup 2,500万ドルCEOディープフェイクビデオ通話事件、2023年9月MGM Resortsのビッシング、2022年8月Twilio SMSフィッシング、Lapsus$のMFA爆撃まで — 人間が最も弱い環であるという事実は30年変わらないが、攻撃者のツールキットがGPT-4・Claude・ElevenLabsで武装している点が違う。本稿はKnowBe4 PhishER、Hoxhunt適応型トレーニング、Cofense Triage、Proofpoint Closed-Loop Email Analysis、GoPhishオープンソース、NIST Phish Scale、NIS2・PCI DSS 4.0・ISMS-P・APPI規制、韓国KISA・金融保安院の模擬訓練、日本のNRI Secure・TrendMicro・IERAEまで一気通貫で整理する。22のH2章と80本超の実事例・ツール・URLレファレンス。 Sat, 16 May 2026 00:00:00 GMT fjvbn2003@gmail.com (Youngju Kim) phishing-simulationsecurity-awarenessknowbe4hoxhuntcofenseproofpoint-awarenessinfosec-iqmimecast-awarenesssophos-phish-threatninjiocybsafe日本語 https://www.youngju.dev/blog/culture/2026-05-16-ai-phishing-simulation-security-awareness-2026-knowbe4-hoxhunt-cofense-proofpoint-infosec-iq-mimecast-sophos-phish-threat-deep-dive AI 피싱 시뮬레이션 & 보안 인식 훈련 2026 완벽 가이드 - KnowBe4 · Hoxhunt · Cofense · Proofpoint Security Awareness · Infosec IQ · Mimecast Awareness · Sophos Phish Threat · NINJIO · CybSafe · Living Security 심층 분석 https://www.youngju.dev/blog/culture/2026-05-16-ai-phishing-simulation-security-awareness-2026-knowbe4-hoxhunt-cofense-proofpoint-infosec-iq-mimecast-sophos-phish-threat-deep-dive 2026년 보안 인식 훈련은 더 이상 "직원에게 가짜 메일을 보내고 클릭률을 측정하는" 단순 작업이 아니다. GenAI가 공격자 측의 진입 비용을 가파르게 낮춘 결과, KnowBe4·Hoxhunt·Cofense·Proofpoint·Infosec IQ·Mimecast·Sophos Phish Threat·NINJIO·CybSafe·Living Security가 동시에 AI 생성 미끼·실시간 행동 분석·딥페이크 음성 보이싱 시뮬레이션으로 무장했다. 2024년 2월 Arup 2,500만 달러 CEO 딥페이크 영상통화 사건, 2023년 9월 MGM Resorts 보이싱, 2022년 Twilio·Cisco 사례, Lapsus$ MFA 폭격까지 — 사람이 가장 약한 고리라는 사실은 30년째 변하지 않았지만, 공격 도구가 GPT-4·Claude·ElevenLabs로 무장한 점이 다르다. 이 글은 KnowBe4 PhishER, Hoxhunt 적응형 훈련, Cofense Triage, Proofpoint Closed-Loop Email Analysis, GoPhish 오픈 소스, NIST Phish Scale, NIS2·PCI DSS 4.0·ISMS-P·APPI 규정, 한국 KISA·금융보안원 모의훈련, 일본 NRI Secure·TrendMicro·IERAE까지 한 호흡에 정리한다. 22개 H2 챕터에 80개 이상의 실제 사건·도구·URL 레퍼런스. Sat, 16 May 2026 00:00:00 GMT fjvbn2003@gmail.com (Youngju Kim) phishing-simulationsecurity-awarenessknowbe4hoxhuntcofenseproofpoint-awarenessinfosec-iqmimecast-awarenesssophos-phish-threatninjiocybsafe