The Symantec Internet Security Threat Report continues to be a valuable resource for companies to understand current threat vectors.  The report highlights current threats and provides specific statistics related to these threats. Some of the key findings from the threat report include, but are not limited to, the following:
  • 71.4% of targeted attacks involved the use of spear-phishing emails
  • 80% increase in malware attacks on Macs
  • 46% increase in new ransomware variants
  • 40% increase in ransomware infections
  • 600% increase in attacks against IoT devices
  • 54% increase in mobile malware variants
  • 13% increase in reported vulnerabilities
  • 7% increase in zero-day vulnerabilities reported
  • 29% increase in industrial control (ICS) related vulnerabilities
  • 55% of email is spam
  • 1 in 13 URLs analyzed at corporate gateways are found to be malicious
  • 7,710 organizations are hit by a business email compromise scam every month
Phishing, along with other threat vectors remains a serious concern for businesses.  As part of a layered security strategy, phishing awareness training and testing is a key component of a sound information security program.