ISMIE Risk Management invites you to their event

Inside a Business Email Compromise Attack

October 15, 2025 12:00 (CDT)
About 1 hour

About this event

Business email compromise (BEC) remains one of the most significant cyber threats facing the healthcare sector, with attackers increasingly targeting healthcare organizations, insurers and administrators to gain access to sensitive patient data and financial systems. This webinar will illustrate a typical BEC attack from the perspectives of both the threat actor and the victim. Experienced presenter Matt Dowling of Surefire Cyber will leverage authentic adversary tools to demonstrate how threat attackers gain unauthorized access to email accounts. The presentation will highlight techniques used by threat actors to circumvent multi-factor authentication (MFA) and security controls such as geofencing and employing anonymizing VPN services. Attendees will also gain practical insights into real-world threat actor methodologies and learn strategies for safeguarding against them.

Who can attend

Registration is limited to ISMIE and SEMPIC policyholders, and their employed staff.

Learning objectives

At the conclusion of this learning activity, participants will be able to:

  • Summarize the full life cycle of a business email compromise attack, from targeting to exploitation
  • Recognize how threat actors use compromised accounts to send phishing emails
  • Describe how threat actors bypass security controls such as multi-factor authentication (MFA)
  • Identify best practices for effectively safeguarding against business email compromise attacks and minimizing organizational risk

About the presenter

Matthew Dowling has over 11 years’ experience in cybersecurity consulting, taking part in hundreds of incident response cases, penetration tests and cybersecurity projects throughout his career. His offensive and defensive technical expertise, cyber industry knowledge and consulting experience provides him with the tools to effectively advise clients on securing their environment from active or imminent cyber threats. In addition to his work with Surefire Cyber, Matthew has taught Information Technology at Lincoln Technical Institute.

Accreditation

This activity has been planned and implemented in accordance with the accreditation requirements and policies of the Accreditation Council for Continuing Medical Education (ACCME) through the joint providership of the Illinois State Medical Society and ISMIE Mutual Insurance Company. The Illinois State Medical Society is accredited by the ACCME to provide continuing medical education for physicians.

Credit Designation

The Illinois State Medical Society designates this live activity for a maximum of 1 AMA PRA Category 1 CreditTM. Physicians should claim only the credit commensurate with the extent of their participation in the activity.

Disclosure

The planners, faculty, and others in control of content have no relevant financial relationships with ineligible companies.

ISMIE Risk Management

Our Passion Protects Yours

ISMIE Mutual provides superior insurance services to medical practices and providers, delivering quality, value and protection to policyholders everywhere.

View all events
Host webinars on Host webinars on Livestorm
Virtual Meetings Webinars Virtual Events On-Demand Webinars Automated Webinars Product Demos Company communication Customer training Live Q&As Employee onboarding Live events