By the looks of things, phishing and ransomware are here to stay. There was a time when a wannabe hacker needed moderate coding and hacking skills, but today’s cybercriminals can use a credit card to purchase ready-made phishing and ransomware kits from the dark web.
A recent report, “Fighting Phishing: The IT Leader’s View,” published by security software firm Egress, confirmed that phishing and ransomware are causing a revolving door of break-ins and breaches for businesses. Yet, there continues to be a disconnect about the prioritization of cybersecurity at the board of directors level, the report found. The report surveyed 500 U.S. and UK IT leaders from businesses that ranged from medium to enterprise sizes.
“In addition to the disconnect at the board level, the one [report] stat that jumped out to us was the fact that 84% of surveyed organizations have suffered a phishing attack in the past 12 months,” said Jack Chapman, Egress vice president of threat research.
“That is a staggering number with all the discussions about cybersecurity that have gone on around the world this past year,” Chapman added. He noted that the large number of phishing victims suggests that threats are becoming more sophisticated and targeted.
For the organizations affected by phishing attacks, there was a relatively even split between two key tactics attackers used to deploy malware: people clicking malicious links (52%) and people opening malicious attachments (45%).
Watch this video to learn about ransomware prevention tactics and more.
The Effectiveness of Security Awareness Training
Security awareness training for employees does not appear to diminish the amount of phishing exposure. “The research found that 98% of organizations have delivered security awareness training to employees,” Chapman said. “Clearly, security awareness training alone is not enough to protect employees from phishing.”
Forty-five percent of surveyed IT leaders said their organizations change their…