Proofpoint, Inc., a leading cybersecurity and compliance company, today released its seventh annual State of the Phish report, which explores enterprise phishing experiences and provides an in-depth look at user awareness, vulnerability, and resilience. More than 75% of surveyed infosec professionals said their organizations faced broad-based phishing attacks—both successful and unsuccessful—in 2020, and ransomware infections impacted 66% of third-party global survey respondents.
HR Technology News: Adam Gerhart Named Mindshare Global CEO
This year’s State of the Phish report examines global third-party survey responses from more than 600 information security professionals in the U.S., Australia, France, Germany, Japan, Spain, and the UK, and highlights third-party survey findings of 3,500 working adults within those same seven countries. The report also analyzes data from more than 60 million simulated phishing attacks sent by Proofpoint customers to their employees over a one-year period, along with approximately 15 million emails reported via the user-activated PhishAlarm reporting button.
“Threat actors worldwide are continuing to target people with agile, relevant, and sophisticated communications—most notably through the email channel, which remains the top threat vector,” said Alan LeFort, senior vice president and general manager of Security Awareness Training for Proofpoint. “Ensuring users understand how to spot and report attempted cyberattacks is undeniably business-critical, especially as users continue to work remotely– often in a less secured environment. While many organizations say they are delivering security awareness training to their employees, our data shows most are not doing enough.”
HR Technology News: TecHRseries Interview with Janet Phillips, Vice President of People, Kong Inc.
Proofpoint’s State of the Phish report emphasizes the need for a people-centric approach to cybersecurity protections and awareness training that accounts for changing conditions, like those experienced by organizations throughout the pandemic. Survey findings reveal a lack of tailored training. For example, 90% of U.S. infosec survey respondents said their workforce shifted to a work-from-home model last year, but only 29% said they trained users on safe remote working.
“The findings related to remote working situations in the U.S. are eye-opening,” said LeFort. “Nearly all the American infosec professionals we surveyed said they supported a new, remote working model for at least half of their organization’s workers last year. And yet fewer than a third of these respondents said workers were trained about security practices related to working from home. At the same time, three-quarters of U.S. workers say they allow their friends and family to access work-issued devices to do things like shop online and play games. These gaps represent a significant risk and reinforce the need for security awareness training initiatives that are tailored to the remote workforce.”
HR Technology News: How Technology Can Aid Inclusivity