LATEST INTELLIGENCE
PHISHING CONFESSIONS FROM SECURITY PROFESSIONALS
We asked 102 security professionals 11 questions about phishing . The topics covered the gamut : personal experience with phishing , developments making the problem worse , challenges in tackling it , approaches to phishing defence , and more . Some data on survey respondents .
Organisation size
Here ’ s what security professionals told Cofense about phishing and how they combat the threat .
Professional roles
Multiple Responses Allowed
• 200 employees or fewer – 22 %
• 200-1,000 employees – 24 %
• 1,000-5,000 employees – 17 %
• More than 5,000 employees – 37 %
• 52 % were in IT Security
• 41 % were in Security Operations
• 18 % were in Incident Response
Here ’ s what security professionals told Cofense about phishing and how they combat the threat .
80 % know someone victimised by phishing .
This tracks with findings from other sources . The Anti-Phishing Working Group ( APWG ) reports that phishing attacks are growing by 65 % annually . The average phishing attack costs a mid-sized company $ 1.6 million and , according to the FBI , Business Email Compromise ( BEC ) cost global businesses over $ 5 billion from 2013 to 2016 . If you know someone tricked by a phishing email , you ’ ve got lots of company . If you don ’ t , you ’ re in the minority . At least for now …
50 % who know a phishing victim say they ’ re co-workers .
To phishing attackers , employees are irresistible targets . It ’ s easy to trick busy , distracted human beings into activating malware or wiring corporate funds . Yet when phishing emails slip by tech defences like email gateways — and it happens all the time , even with “ next-gen email security platforms ”— users are your last layer of defence . That ’ s why thousands of organisations train with phishing simulations . Everyone ’ s a target . Not all become a victim . •
Download
whitepapers free from www . intelligentcio . com / me / whitepapers /
www . intelligentcio . com INTELLIGENTCIO
19