60% of Organisations' Cyberattacks Are Spread by Their Own Employees

This blog post relates to Castleton, one of our previous brands. For more information please read the press release.

When you think of cyberattacks, the assumption is that it’s a simple matter of “the bad guy sends an email, the user gets fooled, the user clicks malicious content, and the badness happens.” But the State of Email Security 2020 report from Mimecast sheds some light on both how and why attacks are still successful.

According to the report:

  • 51% of organizations have been impacted by ransomware in the last 12 months
  • 58% saw phishing attacks increase
  • 60% have seen an increase in impersonation fraud
  • 82% have experienced downtime from an attack

These numbers aren’t good – too many organisations are feeling the pain of email-based cyberattacks, despite knowing the problem is only getting worse. So, why are organisations proving to be such easy targets for email-based cyberattacks?

According to the report, it’s a problem-riddled combination of issues involving your people, processes and technology. In essence, a lack of sufficient presence in all three plays a role. From the report:

  • An average of 41% of orgs don’t have a system in place to monitor for and detect malicious content in emails (Technology)
  • 55% of orgs don’t provide security awareness training on a regular basis (Process)
  • 60% of orgs have experienced their own employees being responsible for spreading a malicious email (People)

With 60% of orgs believing they will be the victim of an email-borne attack in the coming year, organisations need to be taking steps to protect themselves with a security strategy that addresses all three issues. But, because no solution is 100% foolproof, it’s equally important to ensure users are continually educated using Security Awareness Training, to keep them from participating in the spread of malicious emails.

Request A Demo: Security Awareness Training

New-school Security Awareness Training is critical to enabling you and your IT staff to connect with users and help them make the right security decisions all of the time. Continuous training and simulated phishing are both needed to mobilise users as your last line of defence.

Request your one-on-one demo of our security awareness training and simulated phishing platform and see how easy it can be.

Contact us today for your FREE security pack & STAY SAFE from the cyber-criminals.
