VERIZON’S 2021 DATA BREACH INVESTIGATIONS REPORT SHOWS THAT PHISHING CONTINUES TO BE THE TOP THREAT ACTION USED IN SUCCESSFUL BREACHES. CYBERCRIMINALS STOLE LOGIN CREDENTIALS IN 85% OF BREACHES LINKED TO SOCIAL ENGINEERING.
Cybercriminals never take holiday. In fact, 2020 gave them reason and renewed motivation to ramp up their nefarious efforts. Phishing incidents nearly doubled in frequency from 2019 to 2020, from 114,702 incidents in 2019, to 241,324 incidents in 2020, according to the U.S. Federal Bureau of Investigation (FBI). Overall, phishing held sway as the most common type of cyber crime last year, according to the FBI.
The idea that technology can prevent all cyber-related incidents has never been further from the truth because cybercriminals know the easiest way in is through your people. Security leaders must understand that there is no such thing as a perfect, fool-proof, impenetrable secure environment. Many organisations fall into the trap of trying to use technology as the only means of defending their networks and forget that the power of human awareness and intervention is paramount in arriving at a highly secured state.
Every security leader faces the same conundrum: even as they increase their investment in sophisticated security orchestration, cyber crime continues to rise. Security is often presented as a race between effective technologies and clever attack methodologies.
Yet there’s an overlooked best practice that can radically reduce an organisation’s vulnerability: security awareness training and frequent simulated social engineering testing.
