Ransomware attacks have gone up considerably in the last 12 months, nevertheless, phishing attacks still bring about problems for companies, based on a recent survey done by Arlington Research together with security company Egress. Nearly 3/4 (73%) of surveyed companies stated they had encountered a phishing linked data breach in the last 12 months.
The 2021 Insider Data Breach Report is based on a survey performed on 500 IT leaders and 3,000 workers in the U.S. and the U.K. The survey showed 74% of companies had encountered a data breach because of employees disobeying the rules, which further increased due to the pandemic that led many workers to work remotely. Over half (53%) of IT leaders mentioned remote work had elevated risk, which may be why the report on phishing incidents increased by 53% in the last 12 months.
The higher risk through remote working is an issue, particularly as a lot of companies plan to maintain remote working or undertake a hybrid working design down the road. 50% of IT leaders think remote/hybrid working is going to make it more difficult to avoid data breaches caused by malicious email attacks. There seems to be a disconnect since merely 61% of workers think they are less likely or just as likely to bring about a data breach while working at home.
Phishing attacks are obviously bad for companies however there is additionally a human cost to consider. In 23% of companies, workers who became victims of a phishing email that lead to a data breach were either dismissed or voluntarily quit after the episode.
Companies are being swamped by advanced phishing attacks. Hackers are creating extremely targeted campaigns that utilize smart social engineering tricks to obtain access to companies’ most sensitive information, and also jump into their supply chain. Phishing is likewise the most well-known access point for ransomware, with possibly disastrous outcomes, according to Threat Intelligence Egress VP Jack Chapman. Because of remote working, employees had become much more vulnerable. With a lot of companies preparing for a remote or hybrid model of working, phishing is a possibility that should stay central to the plan of any security team.
The survey showed an unbelievable 94% of companies had encountered an insider data breach last year. 84% of IT leaders stated human mistake was the top reason for insider breaches, though 28% mentioned that their greatest fear is malicious insider breaches.
89% of insider cases had consequences for the workers involved; nonetheless, (97%) of employees stated they would file a breach report even if they caused it, which is good considering that 55% of IT officers stated they depend on workers to notify them to security occurrences.