Logo Header Menu

Weak employee training leaves entire industries vulnerable to phishing

The Education and Transport industries are at the highest risk of cyber attacks due to phishing, because of weak employee training Weak employee training leaves entire industries vulnerable to phishing image

Weak employee training is the main reason industries are left vulnerable to phishing cyber attacks — this is the conclusion of Proofpoint’s fourth annual 2019 Beyond the Phish report, based on data from 130 million questions answered by end users across 16 industries.

“Cybercriminals are experts at gathering personal information to launch highly targeted and convincing attacks against individuals,” said Amy Baker, vice president of Security Awareness Training Strategy and Development for Proofpoint. “Implementing ongoing and effective security awareness training is a necessary foundational pillar when building a strong culture of security. Educating employees about cyber security best practices is the best way to empower users to understand how to protect their and their employer’s data, making end users a strong last line of defence against cyber attackers.”

Cyber security training: Is it lacking in the enterprise?

As part of Information Age’s Cyber Security Month, we are looking at the importance of cyber security training and education in the enterprise. Read here

Phishing exploits industry failings

Phishing remains a leading concern for organisations worldwide.

Overall, one in every four questions in the “Identifying Phishing Threats” and “Protecting Data Throughout Its Lifecycle” categories were answered incorrectly.

The report identified that while employees have become more familiar with the hallmarks of phishing attacks and the need to protect data, knowledge gaps remain that cybercriminals can exploit — 83% of global organisations experienced phishing attacks in 2018, underscoring the urgent need to educate end users.

Phishing: Avoiding the growing threat to business data

Email phishing is becoming more sophisticated and targeted. How can firms avoid being caught out? Read here

Employee training: the best of the best

• Communications was the best performing department, with end users correctly answering 84% of questions.
• Finance was the best performing industry, with end users answering 80% of all questions correctly.
• End users in the Insurance industry delivered the best performance in three of the 14 categories analysed, specifically excelling in the “Avoiding Ransomware Attacks” category.
• Customer Service, Facilities, and Security were among the worst performing departments, incorrectly answering an average of 25% of cyber security questions asked. As these are respondent-defined department designations, the Security department could include both physical security and cyber security.
• End users in the Education and Transportation industries struggled the most, on average, answering 24% of questions incorrectly across all categories.
• Hospitality employees scored the lowest in three categories, including “Physical Security Risks,” in which 22% of questions were answered incorrectly.

“Organisations need to be persistent and thorough in their security awareness training programs considering the end user behaviours that influence and impact overall security postures. This annual report reiterates the need to go beyond the use of phishing tests to evaluate end user susceptibility and cyber threat knowledge,” continued Baker. “It’s important to remember that not all security incidents stem from an attack; many issues result from limited awareness and poor security practices. Our research has shown a significant increase in safe behaviours when organisations take a well-managed, continuous approach to training across all cyber topics.”

Effective employee training

Effective education is imperative as cybercriminals have shifted away from attacking infrastructure and are targeting individuals, making a people-centric security approach essential.

Cyber security best practice: Definition, diversity, training, responsibility and technology

As part of Information Age’s Cyber Security Month, we look at cyber security best practice – everything from defining it to the importance of training. Read here

Latest news

divider
Cybersecurity
Protecting your business from phishing scams

Protecting your business from phishing scams

19 July 2019 / The recent announcement of British Airways’ record-breaking £183 million GDPR fine has put phishing scams [...]

divider
Telecoms
AI is saving telcos money but at the expense of customer service

AI is saving telcos money but at the expense of customer service

19 July 2019 / The rollout of commercial 5G networks is rapidly gathering pace. Both the US and South [...]

divider
Media & Marketing
How are AI and data-driven campaigns changing sales and marketing?

How are AI and data-driven campaigns changing sales and marketing?

19 July 2019 / Think of sales and marketing campaigns in a traditional sense and you may well dream [...]

divider
Technology
How “skippers” disrupt the market and become aspiring unicorns

How “skippers” disrupt the market and become aspiring unicorns

19 July 2019 / Skippers are disrupting the market on their way to becoming the fabled unicorns. Luxury fashion [...]

divider
Cybersecurity
Silent Cyber: The need to define cyber insurance policies 

Silent Cyber: The need to define cyber insurance policies 

19 July 2019 / Business across all industries are now more aware than ever of the importance of employing [...]

divider
AI & Machine Learning
AI and understanding semantics — the next stage in the evolution of NLP is close

AI and understanding semantics — the next stage in the evolution of NLP is close

18 July 2019 / AI is a misnomer, or so it is often suggested. The first letter — artificial [...]

divider
News
The backlash against tech: can the tech giants survive populism?

The backlash against tech: can the tech giants survive populism?

18 July 2019 / The idea that tech destroys jobs is misleading. Innumerable studies show that it often creates [...]

divider
Construction & Civil Engineering
Digital transformation in the construction industry: is an AI revolution on the way?

Digital transformation in the construction industry: is an AI revolution on the way?

18 July 2019 / The majority of industries have begun their digital transformation journeys. Digital transformation in the construction [...]

divider
IoT and M2M
Protecting the edge of IoT as adoption rates grow

Protecting the edge of IoT as adoption rates grow

18 July 2019 / Protecting the edge of IoT is increasingly important as IoT adoption grows. During this evolution, [...]

Do NOT follow this link or you will be banned from the site!

Pin It on Pinterest