14% of Office Workers Still Cannot ID Phishing
By: Jim Stickley and Tina Davis
November 3, 2017
Even with all the talk about ransomware and botnets, phishing continues to be the bread and butter of cybercriminals. That’s because to the security professionals’ shock and awe, it continues to succeed. This is even as 70% of employees admit they do receive cybersecurity risk training (per a study by Intermedia). And because 14% of office workers still cannot identify phishing attacks, these scams are higher in number than ever. Even with training, 21% of workers still fell prey to an attack, per the survey.
Scammers continue to be proficient at social engineering. That is the technique used to trick someone into performing a function they may not otherwise, such as clicking a malicious link or opening an attachment that infects a network.
No matter how many tools are put into place by any organization, they are never going to catch all phishing attempts. While they are recommended, it’s awareness and training that will keep the organization out of the headlines for suffering a data breach. There are many ways to accomplish this, but whatever is chosen, it should be a continual training program that presents current threats and how to mitigate them.
Phishing scams are not stagnant. They are constantly changing and many of them take advantage of current events. Simply presenting some reading material once a year is insufficient.
Take some time to look into awareness and cybersecurity education programs to find the one that fits your organization best. It may mean hiring a full time employee to create and manage a program. It may also mean hiring it out to a third party, which may be more cost effective. Whatever you choose, remember to test your employees on the material and follow up with additional training if needed.
IRONSCALES reported that 90-95% of all successful cyberattacks are due to phishing and 93% of security professionals agree that it can’t be left up to tools. Humans and technology should work together to prevent these from being successful.