Management Is Most Vulnerable To Attacks
By Christine Kern, contributing writer
As cyberattacks escalate, enterprises need to be aware of vulnerabilities and protect accordingly.
According to Verizon’s 2016 Data Breach Investigations Report which analyzed an astounding 100,000 digital security incidents last year, cybercriminals continue to succeed at stealing corporate and personal data and records by the millions. And a recent study by SANS found 95 percent of all attacks on enterprise networks are the result of successful spear phishing, with the average loss on such attacks costing some $4 million, according to Ponemon Institute. The escalation of cyberattack places greater emphasis on the identification of vulnerabilities and the proactive protection of systems from hackers.
To this end, IronScales has released data collected from more than 100 organizations globally from sectors such as finance, banking, and telco and the numbers reflect their performance in the first simulated phishing attack. The data revealed that one of the greatest vulnerabilities actually comes from management.
IronScales found the most vulnerable departments for phishing are management (60 percent); finance (56 percent); sales (52 percent); HR (47 percent); business development (46 percent); R&D and QA (42 percent); technical support and customer services (41 percent); infrastructure (36 percent); legal (34 percent); and operations (32 percent).
“Even I was taken aback by the numbers we found,” Eyal Benishti, CEO of IronScales admitted in an emailed statement. “There have been some notorious phishing attacks, but the criminals have become very clever about how they disguise their malware, often behind official-looking messages. They’ve developed such sophisticated tools that they continue to fool people at the top, but IronScales is here to stanch the phishing tide.”
Headquartered in Raanan, Israel, IronScales was founded by alumni of the Israel Defense Forces’ elite Intelligence Technology unit and incubated in the 8200 EISP, the top program for cyber security ventures. The IronScales team is comprised of security researchers and penetration testing experts, as well as specialists in the field of effective interactive training.
IronScales protocol creates awareness and proactive behavior in your employees, emphasizing everyone has a stake in intercepting phishing attacks, helping to turn awareness into mitigation. Worker buy-in is promoted through gamification of the phishing training and simulation.
Once an attack is detected the alarm is triggers the execution of IronScales forensics including Multi AV, sandbox scan, and other proprietary analyses against ransomware, malware, bots, spam, spoofing, pharming, and general phishing attacks.
“Various factors that influence the results, such as the volume of email a particular employee deals with on a given day or how used they are to handling request from outside of the organization. However, regardless of who, what and where, IronScales solutions reduce the impact of cybercrime on the bottom line,” concludes Benishti.