A recent report by cyber security company Proofpoint highlighted that 55% of all organisations were successfully breached by phishing scams in 2019.
Proofpoint’s 2020 “State of the Phish” report uses insights from nearly 50 million simulated phishing attacks as well as survey responses from over 600 IT security professionals and evaluated the cyber security knowledge of over 3,500 employees in the UK, France, Germany, Spain, the USA, Australia and Japan.
As well as discovering that 55% of organisations head to remediate at least one successful attack, the report highlighted that cyber security professionals are reporting increased social engineering attacks:
Further to the increase in phishing attacks (figures indicated more than 9 million phishing attacks were reported in 2019, an increase of 67% on 2018’s figures), the report also discovered that phishing attacks are also increasing in complexity as malicious individuals draw on social engineering techniques in a bit to increase the effectiveness of their attacks.
As many as 78% of companies included in the study’s survey reported that security awareness training activities led to quantifiable reductions in their vulnerability to phishing attacks.
Joe Ferrara, senior vice president and general manager of security awareness training for Proofpoint, says, “effective security awareness training must focus on the issues and behaviours that matter most to an organization’s mission.” He adds:
“We recommend taking a people-centric approach to cybersecurity by blending organization-wide awareness training initiatives with targeted, threat-driven education. The goal is to empower users to recognize and report attacks.”
Successful phishing attacks can have a significant impact on your organisation and your employees really are your last line of defence to defends against these attacks. Any employee can be the recipient of a phishing email and it only takes one click on the wrong link or attachment for your organisation to be put at risk. As the report highlights, all employees, no matter their role in the organisation benefit from education on the tactics malicious individuals use to attack their victims and how to effectively defend against them.
Empowering your employees and providing with them with effective training will give them the skills to identify these attacks and ignore, delete or report them, ensuring your organisation is kept safe.
At SES we can provide Phishing Assessments to establish the awareness of phishing threats which exists within your organisation and Security Awareness Training to give your employees the awareness to identify and defend against these threats. For more information, please get in touch to speak to one of our specialists.
© SES Secure Limited and ses-escrow.co.uk, 2020. Unauthorised use and/or duplication of this material without express and written permission from this site’s author and/or owner is strictly prohibited. Excerpts and links may be used, provided that full and clear credit is given to SES Secure Limited and ses-escrow.co.uk, with appropriate and specific direction to the original content.