The biggest security threat in Australia for businesses is phishing, according to a recent survey of IT professionals by anti-phishing solution provider PhishMe.
The survey was conducted on IT professionals from a wide range of industry sectors including healthcare, finance, retail, manufacturing, high-tech, services, transportation, telecoms, and consumer services.
The survey revealed that 89% of IT professionals that took part in the survey have had to deal with security incidents related to deceptive emails, and more than 60% of respondents have had to deal with more than one phishing-related security incident.
The extent that businesses are being plagued by phishing emails was clear. More than one third of respondents said their company has to deal with more than 500 phishing emails each week, highlighting the importance of phishing prevention technologies and of training employees how to recognize and respond correctly to phishing threats.
When asked about the biggest security threats faced by their organization, phishing was the number one concern. Almost half of respondents rated phishing as the biggest threat, yet felt they were still unprepared to deal with phishing threats.
Technology can help to reduce the threat from phishing by preventing phishing emails from reaching inboxes, but no solution will block all phishing messages. Virtually all respondents that took part in the survey said they had between one and four layers of security to help mitigate the threat from phishing. 50% of respondents appreciated technology alone cannot mitigate the threat from phishing.
66% said they had an email gateway solution in place to prevent malicious emails from being delivered to end users, and 85% of respondents said they are providing security awareness training to employees via computer-based training programs.
95% of respondents said that in response to the increased threat of phishing attacks, they were planning to upgrade phishing response and prevention technologies.
“The pervasiveness and sophistication of recent phishing attacks is a testament of how technology alone is not enough to defend against email-based threats,” said Rohyt Belani, CEO and Co-Founder of PhishMe. “Just as we’ve see scammers leveraged sentiments of fear and curiosity to steal sensitive patient records from Australian medical organisations, modern cyberattacks are crafted based on specific emotional triggers. With computers still unable to detect human emotions and the nuances of interpersonal communication, it is imperative for any organisation to embrace a human-focused approach towards improving cyber resilience.”