New data shows that not only has just about every organization experienced a successful phishing attack, but that they are also paying the price in a number of impactful ways.
In email security vendor Egress’s latest Email Security Risk report, we get a glimpse into the reality of the aftermath of a phishing attack. According to the report:
- 86% of organizations experienced negative impacts following a successful phishing attack in the last 12 months
- 54% have experienced financial loss due to customer churn
- 47% have experienced reputational damage
- 30% experienced regulatory penalties
Even with a layered security strategy, according to the report, 55% of organizations say too many phishing attacks are getting past their secure email gateway. This puts the emphasis squarely on the user being the last line of defense – requiring new school continual Security Awareness Training designed to educate the user on how to identify phishing attacks before they engage with their malicious content.
According to Egress, 46% of organizations say their employees skip through training as quickly as possible, making it necessary to also employ phishing testing as the feedback loop to better understand which employees present the greatest risk by engaging with simulated phishing emails (and, therefore, require additional training).