In its eleven edition, the Verizon Data Breach Investigations Report (DBIR) continues to be a wealth of information for security professionals. The report focuses on data breaches, defining such breaches as "An incident that results in the confirmed disclosure— not just potential exposure—of data to an unauthorized party." A few of the highlights of the DBIR are listed below.
49% of non-point-of-sale malware was installed via malicious email
74% of cyber-espionage actions within the public sector involved phishing
Motives for phishing are split between financial (59%) and espionage (41%)
70% of breaches associated with a nation-state or state-affiliated actors involved phishing
17% of breaches were social attacks
12% of breaches involved actors identified as a nation-state or state-affiliated
24% of breaches affected healthcare organizations
58% of data breach victims are categorized as small businesses
Information security is a prime concern for all businesses. One factor that continues is the fact that employees play a key role as they are a key part of a layered security strategy. PhishingBox provides end-user security awareness training to mitigate the threat from phishing and other malicious emails.
Protect Your Employees (And Your Clients)!
Running simulated phishing tests will determine your employees' susceptibility to social engineering and phishing scams. Train your employees and help them identify spear phishing and ransomware attacks.