Security News > 2021 > July > 40% fell victim to a phishing attack in the past month

Nearly three-quarters of respondents said their organizations have fallen victim to a phishing attack in the last year, with 40% confirming they have experienced one in the last month.

The annualized risk of a data breach resulting from mobile phishing attacks has a median value of about $1.7M, and a long tail of value of about $90M. Hackers are exploiting enterprise security gaps in the Everywhere Workplace, in which remote workers are using mobile devices more than ever before to access corporate data.

Thirty-seven percent of respondents cited a lack of both technology and employee understanding as the main causes for successful phishing attacks.

While 96% of IT professionals reported that their organization offers cybersecurity training to teach employees about common attacks like phishing and ransomware, only 30% of respondents said that 80-90% of employees had completed the training.

"Reducing the risk of phishing attacks is a race against time, in more than one dimension. Enterprise IT pros must stay ahead not only of the attackers who are constantly crafting new attacks, but also of their own users - who are shockingly quick to click on malicious links," said Derek E. Brink, VP and research fellow at Aberdeen Strategy & Research.

"To effectively combat phishing attacks, organizations need to implement a zero trust security strategy that incorporates unified endpoint management with on-device threat detection and anti-phishing capabilities. Organizations should also consider getting rid of passwords by leveraging mobile device authentication with biometric-based access to eliminate the primary point of compromise in phishing attacks."

News URL

http://feedproxy.google.com/~r/HelpNetSecurity/~3/qCMMR2nVLxg/