Employees are often seen as the weakest link in a company’s security strategy: no matter how much you have invested in processes and technology to fight cyber crime, it takes only a single click on a malicious link in a phishing email to jeopardise your whole company’s security.
Despite phishing attacks increasing in number – 557,964 since January 2016, according to APWG – employees are still not aware of what phishing is (36% of UK adults cannot give a proper answer, according to ISACA) and consequently don’t know how to avoid becoming the next victim.
The infographic below shows a few examples of the consequences international companies faced following staff-related security incidents that started with a phishing attack.
Ethical hackers can help
What better way to assess your staff’s resistance to phishing scams than by testing them with a mock phishing attack? With the IT Governance Simulated Phishing Attack, our ethical hackers will target your employees with a mock spear-phishing attack to test their ability to recognise an unexpected threat. So far, 54% of all employees tested have failed, meaning they need to strengthen their awareness of phishing and how to avoid swallowing the bait.
Three-step approach to mitigating the risk of phishing attacks
- Test your employees’ vulnerability to phishing attacks with the Simulated Phishing Attack;
- Based on the test results, train your employees with the Phishing Staff Awareness e-learning course to improve their ability to recognise a phishing email;
- Repeat the mock phishing attack to assess improvement.