Phishing attacks still a major concern for businesshttps://totalsecuritysummit.co.uk/wp-content/uploads/2019/07/Phishing.jpg 960 640 Stuart O'Brien Stuart O'Brien https://secure.gravatar.com/avatar/9defd7b64b55280442ad2d7fb546a9db?s=96&d=mm&r=g
Phishing attacks remain a global concern for organisations, with physical security and FM professionals among the most at risk through lack of knowledge.
That’s the opinion gathered from the latest 2019 Beyond the Phish report by cybersecurity company Proofpoint.
Based on data from 130 million questions answered by end users across 16 industries, the fourth annual report revealed that respondents answered one in four questions incorrectly, demonstrating a knowledge gap and need for increased cyber education.
Other key findings going that:
- Customer Service, Facilities, and Security employees are the least savvy when it comes to phishing threat knowledge, incorrectly answering an average of 25 percent of cybersecurity questions asked. As these are respondent-defined department designations, the Security department could include both physical security and cybersecurity.
- Hospitality employees scored the lowest in three categories, including “Physical Security Risks,” in which 22 percent of questions were answered incorrectly.
- Communications teams are the most savvy when it comes to phishing threats, with end users correctly answering 84 percent of questions.
- End users in the Education and Transportation industries have the weakest phishing knowledge, on average, answering 24 percent of questions incorrectly across all categories.
- Finance was the best performing industry, with end users answering 80 percent of all questions correctly.
- End users in the Insurance industry delivered the best performancein three of the 14 categories analysed, specifically excelling in the “Avoiding Ransomware Attacks” category.
“Cybercriminals are experts at gathering personal information to launch highly targeted and convincing attacks against individuals,” said Amy Baker, vice president of Security Awareness Training Strategy and Development for Proofpoint.
“Implementing ongoing and effective security awareness training is a necessary foundational pillar when building a strong culture of security. Educating employees about cybersecurity best practices is the best way to empower users to understand how to protect theirs and their employer’s data, making end users a strong last line of defence against cyber attackers.”
To download the 2019 Beyond the Phish report, and see a full list of industry comparisons click here: https://www.proofpoint.com/us/resources/threat-reports/beyond-phish