Skip to content
Search
  • There are no suggestions because the search field is empty.
Cancel
Get Started Now

    Security Awareness Training Blog

    Report: 71 percent successfully spear-phished in 2014

    CyberEdge_ReportsAdam Greenberg at SC Magazine reported on something interesting:

    The number of successful cyber attacks against organizations is increasing, according to the “2015 Cyberthreat Defense Report” from CyberEdge Group, which surveyed 814 IT security decision makers and practitioners from organizations – in 19 industries – across North America and Europe.

    Altogether, 71 percent of respondents said that their organization's global network was compromised by a successful cyber attack in 2014 – a number that jumped up from 62 percent in the year prior – and 22 percent said that their organization experienced six or more successful attacks, according to the report.

    Not patching vulnerabilities is one reason successful attacks are on the rise, Steve Piper, CEO of CyberEdge Group, told SCMagazine.com in a Thursday email correspondence. He pointed to the report, which shows that 33 percent of organizations conduct full-network active vulnerability scans less often than quarterly, while 39 percent do so at least once per month.

    Another reason for the rise is that attackers are refining their tactics – for example, they perform reconnaissance to carry out targeted spear phishing attacks involving malware, Piper said. In the report, respondents cited phishing attacks, malware and zero-day attacks as the top threats that are causing concern.

    The issue is compounded because not enough investment is going into employee security awareness training, Piper said. “Our workforce is our last line of defense,” he said. “If employees are better trained to recognize the telltale signs of spear phishing attacks, our industry would experience far fewer successful data breaches.”

    In the report, respondents indicated that low security awareness among employees is the top inhibitor to defending against threats – furthermore, less than 20 percent said they were confident their organization has made the proper investments in training. That obviously results in employees being spear-phished.

    Other problems mentioned: mobile device management, budgets, and not having sufficient tools to get the job done. Article here. 

    Today, security awareness training programs will continue to fail until they get the same emphasis and support as technical controls. KnowBe4 has become the world’s most popular integrated Security Awareness Training and Simulated Phishing platform because it give you measurable control over your "human firewall". Find out how affordable this is for your organization today:

    Get A Quote Now

      

     

    Related Pages: Spear Phishing

     

    Return To KnowBe4 Security Blog

    Topics: Spear Phishing, Security Awareness Training

    Stu Sjouwerman

    ABOUT STU SJOUWERMAN

    Stu Sjouwerman (pronounced “shower-man”) is the founder and CEO of KnowBe4, Inc., which hosts the world’s most popular integrated security awareness training and simulated phishing platform, with over 54,000 organization customers and more than 50 million users. A serial entrepreneur and data security expert with 30 years in the IT industry, Stu was the co-founder of Inc. 500 company Sunbelt Software, a multiple award-winning anti-malware software company that was acquired in 2010.

    Read more from Stu »

    Subscribe to Our Blog


    Security Awareness Training
    Blog RSS Feed
    Comprehensive Anti-Phishing Guide
    All Posts

    Posts by Tag

    See all

    Posts By Topic

    View All

    Get the latest about social engineering

    Subscribe to CyberheistNews