Over half of organizations say they’ve experienced a cybersecurity breach caused by phishing in the last 12 months, dwarfing the second-place breach cause (malware) by almost 30%.
The latest data from Dark Reading’s annual Strategic Security Survey shows phishing continues to be an organization’s biggest problem. With 53% of organizations citing phishing as being the cause of a security breach (up from 51% in 2020), organizations are keenly aware of the problem that exists when mixing users, social engineering, and phishing emails.
According to the survey:
- 58% say Users being socially engineered via phishing or other scams is the most significant endpoint security concern
- 48% of respondents say that if their organization experiences a major data breach in the next 12 months, the most likely cause will be a negligent end user.
So, users are definitely the weak link in the security chain in most organizations. And this requires some shoring up of security efforts around users, including Security Awareness Training to turn the user from a security liability to an asset who aids in protecting the organization.
According to the survey, of those organizations that experienced a cybersecurity breach in the last 12 months, 23% reported network disruptions and application unavailability, 17% say they experienced a major financial loss, and 15% reported fraud.
Phishing and the user have been proven to be an effective initial attack vector. And with the potential damage an attack can have, it’s imperative to strengthen every part of your security stance – including the user.