A KnowBe4 co-sponsored study by Osterman Research shows majority of security concerns are directly related to phishing, however nearly 80% see no improvement in the phishing problem and a third see the problem getting worse
Data breaches, phishing and malware threats have proliferated as cyber criminals become more sophisticated and their methods stealthier. A new study shows five out of six of the most serious security focused concerns of IT decision makers are directly related to phishing or the aftermath of a successful phishing attack. Malware infiltration is getting worse; the study showed 67% of networks surveyed were successfully infiltrated by malware through email and another 63% through web surfing. In addition, 23% were uncertain how they were infiltrated.
According to KnowBe4 CEO Stu Sjouwerman, “With 122 billion emails being sent every hour, opportunities for phishing or spear-phishing abound. It is becoming easier than ever to gather personal information and use this to tailor a spear-phishing email to a CEO or finance executive and use it to pilfer millions of of dollars just using email. Effective security awareness training can mitigate this risk.”
Further results of the study show:
Only 1 in 5 organizations (21%) say their phishing problem has improved
Just 22% are getting good results with training end users on detecting and dealing with phishing threats.
A mere 8% use a human firewall approach to phish test and train users
A small minority of just 14% uses phishing tests on employees
51% use a yearly breakroom approach or do nothing at all to train employees
26% do short monthly training videos
Sjouwerman further noted, “The consequences of these growing cyber threats can be devastating. It can be the loss of millions of sensitive customer data records to the loss of intellectual property like trade secrets or marketing plans. Massive potential losses are the result of not preventing or effectively mitigating these threats. Effective programs like Kevin Mitnick Security Awareness Training and automated simulated phishing tools are far more cost effective than dealing with the fallout of a data breach.”
For more information or to get a free phishing test to see how “phish-prone” your employees are, visit www.knowbe4.com
Security awareness training: http://www.knowbe4.com/
email volume stats: http://www.emailisnotdead.com/
About Stu Sjouwerman and KnowBe4
Stu Sjouwerman (pronounced “shower-man”) is the founder and CEO of KnowBe4, LLC, which provides web-based Security Awareness Training (employee security education and behavior management) to small and medium-sized enterprises. A data security expert with more than 30 years in the IT industry, Sjouwerman was the co-founder of Inc. 500 company Sunbelt Software, an award-winning anti-malware software company that he and his partner sold to GFI Software in 2010. Realizing that the human element of security was being seriously neglected, Sjouwerman decided to help entrepreneurs tackle cybercrime tactics through advanced security awareness training. KnowBe4 services hundreds of customers in a variety of industries, including highly-regulated fields such as healthcare, finance and insurance and is experiencing explosive growth with a surge of 427% in 2013 alone. Sjouwerman is the author of four books, with his latest being Cyberheist: The Biggest Financial Threat Facing American Businesses.
About Kevin Mitnick
Kevin Mitnick is an internationally recognized computer security expert with extensive experience in exposing the vulnerabilities of complex operating systems and telecommunications devices. He gained notoriety as a highly skilled hacker who penetrated some of the most resilient computer systems ever developed. Today, Mitnick is renowned as an information security consultant and speaker, and has authored three books, including The New York Times best seller Ghost in the Wires. His latest endeavor is a collaboration with KnowBe4, LLC.