According to the 2018 Traveler’s Risk Index, the percentage of businesses that have been the victim of a cyberattack has doubled… and most businesses aren’t even remotely ready.
Unless you’ve been hiding under a rock, you’ve been hearing about the massive increases in various cyberattacks such as phishing and targeted attacks. The latest detail from the fine folks at Traveler’s Insurance shows a mismatch between the increase in experienced cyberattacks, the assumption of pending attacks, and the ability to respond.
According to the Risk Index, 1 in 5 businesses have suffered a data breach or cyberattack. That’s double the number from 2015. Add to that the fact that over half of businesses (52%) believe it’s inevitable that they will become a victim of a cybercrime.
OK… so 20% have experienced an attack and half think it’s definitely going to happen. This would lead you to believe that organizations are ready for an attack then, right?
Wrong.
Consider these stats from the Risk Index:
- Over half (55%) of businesses haven’t completed a cyber risk assessment
- Nearly two-thirds (62%) have no written business continuity plan
- Nearly two-thirds (63%) have not assessed the security vendors that have access to company data
- Half (50%) have no cyber insurance
At a minimum, half of all businesses surveyed are not prepared for an attack.
What’s needed – in addition to the steps implied in the data points above – is to establish a layered security strategy that addresses the common touchpoints for most cyber attacks:
- The Perimeter – the logical one, that is. Email and web access are today’s logical perimeter. Protecting employee interaction with both will lower the risk of a successful attack.
- The User – Every phishing scam requires a user to intervene. Providing users with Security Awareness Training helps to lessen the likelihood they will fall for social engineering scams, phishing attacks, and other kinds of cyber attacks.
- The Endpoint – Assuming the previous two security measures fail, having some kind of AV, Endpoint Protection, etc. is best practice to monitor and detect malware.
If the Traveler’s data paints a picture of your company’s security stance, it’s time to do something about it. The 52% that think an attack is inevitable are right – be like them and begin to create your company’s security strategy.