Skip to content
Search
  • There are no suggestions because the search field is empty.
Cancel
Get Started Now

    Security Awareness Training Blog

    Why Business Is Losing The War Against Cybercrime

    iStock InfoSec

    Price Waterhouse (PwC) and CSO Magazine just released their 2013 State of Cybercrime Survey. It shows that lack of risk awareness means companies are poorly defended. This is their 11th survey and the trends are not good. Reason is that cybercrime is skyrocketing but cyber security budgets have not budged and are too low to cope with this new threat.

    The bad guys are winning the cybercrime war at the moment. It's because the good guys do not understand their enemies and because of that, they are not fighting back effectively. The survey was done over 500 U.S.  executives, security experts and others from both public and private sectors.

    Proof that awareness is low, is that actual simulated phishing attack results show that an average of 33% of C-level executives are taking the bait and fall for simple or sophisticated spear phishing attacks. 

    "There were no significant changes in C-Suite threat awareness, no spikes in spending on cyber-defense, no breakthroughs in the use of technology to combat cybercrime, and no significant change in the ability of organizations to measure the impact of both cybercrimes committed by insiders and those caused by external cyberattacks," the survey reported.

    That, according to Dave Burg, PwC Global and US advisory cyber security leader, has been the case for a decade. "(We) have seen virtually no movement by survey respondents in the past 10 years," he said.

    "Possibly the most alarming theme that came out of this year's survey results was that U.S. organizations are misjudging the severity of risks they face from cyber-attacks from a financial, reputational, and regulatory perspective," said Bob Bragdon, vice president and publisher, CSO.

    Over the last five years, cybercrime has gone pro. This is now a 3 Billion dollar industry, with a well-developed underground economy that has escrow services which allow criminals to do buy and sell services and stolen data.

    IT Security company Trend Micro's recent research showed that 91% of successful data breaches started with a spear-phishing email. This type of social engineering attack can only be repelled by high quality security awareness training for all employees from the Board down to the mail room.

    A survey like this sometimes makes for great ammo to get more security budget.

     

    Return To KnowBe4 Security Blog

    Topics: Social Engineering, Spear Phishing, Security Awareness Training, Cybercrime

    Stu Sjouwerman

    ABOUT STU SJOUWERMAN

    Stu Sjouwerman (pronounced “shower-man”) is the founder and CEO of KnowBe4, Inc., which hosts the world’s most popular integrated security awareness training and simulated phishing platform, with over 54,000 organization customers and more than 50 million users. A serial entrepreneur and data security expert with 30 years in the IT industry, Stu was the co-founder of Inc. 500 company Sunbelt Software, a multiple award-winning anti-malware software company that was acquired in 2010.

    Read more from Stu »

    Subscribe to Our Blog


    Security Awareness Training
    Blog RSS Feed
    Comprehensive Anti-Phishing Guide
    All Posts

    Posts by Tag

    See all

    Posts By Topic

    View All

    Get the latest about social engineering

    Subscribe to CyberheistNews