New Survey Reveals Employees are the Attack Surface



Traditional Security Awareness Training Employees Attack SurfaceA survey by Tanium has found that IT security professionals in the UK say that 64% of avoidable cyber attacks are due to human error, which usually involves falling for phishing attacks. More than half of the respondents said that loss of productivity would be their main concern following a cyber attack.

“The largest number of survey respondents (56 percent) speculate that ‘loss of productivity’ would have the biggest post-breach impact, followed by ‘loss of clients and/or revenue’ (52 percent),” the researchers say. “However, it’s worth noting that these two answers have a mutual association – downtime. Following two years of pandemic disruption, organisations are naturally sensitive to anything that interferes with business as usual.”

The survey also found that the majority of respondents believe that spending money on security defenses is cheaper than sustaining a cyberattack.

“Forward-thinking organisations will already be acting to pay down the technical debt of their legacy systems,” the researchers write. “85% of security pros in our survey admit that ‘it costs more to recover from a cybersecurity incident than to prevent one.’”

Tanium concludes that organizations should invest in a defense-in-depth strategy that includes employee training.

“These statistics highlight that there is ample scope for cyber teams to make improvements in many areas that are under their influence and control,” the researchers write. “As an illustration, almost half of the organisations surveyed (43 percent) said they intend to invest more in ‘employee awareness training.’ This prevention-first approach is one way to reduce vulnerabilities that are often caused by human error or lack of education on cyber matters.”

New-school security awareness training can give your organization an essential layer of defense by teaching your employees to recognize and thwart social engineering attacks.

CIO has the story.


Free Phishing Security Test

Would your users fall for convincing phishing attacks? Take the first step now and find out before bad actors do. Plus, see how you stack up against your peers with phishing Industry Benchmarks. The Phish-prone percentage is usually higher than you expect and is great ammo to get budget.

PST ResultsHere's how it works:

  • Immediately start your test for up to 100 users (no need to talk to anyone)
  • Select from 20+ languages and customize the phishing test template based on your environment
  • Choose the landing page your users see after they click
  • Show users which red flags they missed, or a 404 page
  • Get a PDF emailed to you in 24 hours with your Phish-prone % and charts to share with management
  • See how your organization compares to others in your industry

Go Phishing Now!

PS: Don't like to click on redirected buttons? Cut & Paste this link in your browser:

https://www.knowbe4.com/phishing-security-test-offer



Subscribe to Our Blog


Comprehensive Anti-Phishing Guide




Get the latest about social engineering

Subscribe to CyberheistNews