CSO Online reports that the survey was conducted with 377 IT professionals and showed that about half of the cost was a result of productivity losses.
This is because the average employee spends over four hours a year on phishing scams.
The other costs can be broken down as follows:
- 27% – responding to a data breach due to a compromised credential
- 10% – direct costs of addressing compromised credentials
- 9% – dealing with the risk of a data breach caused by malware
- 6% – direct costs of containing malware
According to Ponemon, companies that implement staff awareness training see improvements of between 26% and 99% in their phishing email click rates.
The average improvement rate of staff awareness training programmes is 64%.
The 2015 Verizon Data Breach Investigations Report lists phishing as the second most common threat vector, causing about 25% of all data breaches last year.
IT Governance’s Phishing Staff Awareness e-learning course, combined with the Phishing Attack Simulation, can help companies avoid the risk of a data breach by increasing staff vigilance and knowledge of how to avoid phishing attacks.