Email Security Blog

Why CISOs Are Losing Sleep Over Phishing

Agari October 2, 2015 Cybercrime
Fallback Featured Image

Want to know what really keeps CISOs up at night? A recent article entitled, “Phishing Threats Cause Sleepless Nights for Security Pros” answers this question. According to HIMSS Senior Director of Research Jennifer Horowitz, it’s phishing that’s responsible for all the tossing and turning.

There’s good reason for concern among CISOs; email phishing is one of the key types of security incidents organizations say they face. In fact, according to a 2015 cyber security survey, one-third of respondents indicated they’d already been victimized by an email-based attack.

“A whopping 87% of survey respondents say data security has become vastly more important as a business priority for their organizations. And of those, more than two-thirds (69%) of respondents say the threat of a phishing attack is a top reason,” cites Horowitz.

Significant security incidents are nothing new, but the sophistication by which phishing scams target organizations and people is on the rise. According to Horowitz, “Certain employees may be targeted by cyber crooks because of their position – for the job title they have, and the types of information to which they may have access.”

What may be even more disturbing is that many organizations are not prepared to deal with such attacks. “While many are bulking up their network security protections and doing risk assessments, fewer than one-quarter of poll respondents said their organizations had tried to improve their readiness with mock phishing exercises,” she explains.

Clearly, phishing represents a major risk that needs to be mitigated. A recent HIMSS report states, “These threats need to be addressed not only with technological innovation and processes, but also with security awareness, training and preparedness exercises.”

Fortunately, there is hope for CISOs to finally rest easy when it comes to phishing. According to Horowitz, it all comes down to being proactive. “Many of our respondents are starting to operate as though they have already been compromised. You have to have that mindset.”

Read the full article here

Leave a Reply

Your email will not be published. All fields are required.

Agari Blog Image

July 10, 2019 Ronnie Tokazowski

‘Til Death Do Us Part… Romance Scams and the BEC Game

When we think of business email compromise (BEC), the first thing that comes to mind…

Agari Blog Image

June 5, 2019 Crane Hassold

From One to Many: Scattered Canary Evolves from One-Man Startup to BEC Enterprise

There is no denying that business email compromise (BEC) is big business, with losses exceeding…

Agari Blog Image

April 25, 2019 Crane Hassold

Bitcoin: The Next Evolution in BEC Cash Out Methods?

Historically, business email compromise (BEC) threat actors have used wire transfers as a means to…

Agari Blog Image

April 18, 2019 Ronnie Tokazowski

Do You Know Where Your W-2 Is? Probably Where You Left It

It’s like clockwork. Every year around tax time security vendors (even us!) push out warnings…

Agari Blog Image

April 4, 2019 Crane Hassold

Evolving Tactics: London Blue Starts Spoofing Target Domains

In December, the Agari Cyber Intelligence Division (ACID) published a report on a business email…

mobile image