A new KnowBe4 study of phishing statistics for top industries, shows small insurance companies have the highest percentage of Phish-prone employees in the small to mid–size organization category. Not-for-profit organizations take the lead in large organizations.
The study, drawn from a data set of more than six million users across nearly 11,000 organizations, benchmarks real-world phishing results. Results show a radical drop of careless clicking to just 13 percent 90 days after initial training and simulated phishing and a steeper drop to two percent after 12 months of combined phishing and computer based training (CBT).
Researchers anonymously tracked users by company size and industry at three points:
1. A baseline phishing security test
2. Results after 90 days of combined CBT and simulated phishing
3. The results after one year of combined CBT and phishing is encouraging:
“Executives and Directors have a responsibility and a duty to protect their companies and people and, just like they take Health and Safety seriously for fear of financial and reputational repercussions, the same approach needs to be adopted for basic cyber hygiene principles. Week in, week out, we see businesses being compromised and held to ransom. What will it take for this issue to be taken seriously in the boardroom? We should take the lead from the New York State, Department of Financial Services, that has implemented new regulations in which it is no longer a matter of what ‘should’ be done but what ‘must’ be done to comply and protect the data and information held within the business. If the boardroom can’t understand and get the basics right, then there is a good chance they will suffer an attack,” Miles concluded.
The recording of the full 38-minute webinar is here -- strongly recommended for a Lunch & Learn!
Free Phishing Security Test
Did you know that 91% of successful data breaches started with a spear-phishing attack?
Cyber-attacks are rapidly getting more sophisticated. We help you train your employees to better manage the urgent IT security problems of social engineering, spear-phishing and ransomware attacks. Take the first step now. Find out what percentage of your employees are Phish-prone™ with our new, improved free test.
PS: Don't like to click on redirected buttons? Cut & Paste this link in your browser: