The Latest BlueVoyant News
Product and Solution Information, Press Releases, Announcements
|Phishing Still the Top Attack Vector|
|Posted: Fri May 22, 2020 04:40:18 PM|
Written by Curt Buchanan and Michael Warren, Senior Research Analysts at BlueVoyant
“Life in the SOC” is a Blog Series that shares experiences of the BlueVoyant SOC defending against the current and prevalent attacks encountered by our clients. The blogs discuss successful detection, response and mitigation actions that can improve your defensive capabilities.
December and January saw a dramatic upward swing in Phishing. It has since leveled off, but still remains the top attack vector among cyber criminals. While most organizations are aware of the phishing problem, many still struggle with how to deal with it. Disconnects between practitioners and decision makers need to be looked at, but on the whole, users are not prepared to confront this ever-changing threat.
A recent study conducted by Osterman Research surveyed 252 cross-industry security professionals from the US and UK. Among its key findings, the survey revealed that decision makers are four times more likely than security practitioners to consider email security the highest priority. This suggests that security personnel believe they have a sufficient handle on phishing prevention while the C-Suite still sees substantial business risk. The report also suggests organizations do not have proper training and controls in place to confront the phishing problem.
Key research findings:
The survey also found that phishing emails continue to take organizations a substantial amount of time to detect, investigate and remediate. In total:
“The survey’s findings reinforce the significant challenges that email phishing attacks incur on organizations of all sizes,” said Michael Osterman, principal analyst at Osterman Research. The recent COVID-19 outbreak plays right into this. Thousands of malicious COVID-19-related
domains are being registered daily to exploit the global public’s insatiable appetite for information on the pandemic. Since the outbreak went global in February, coronavirus-themed spam has increased by 4,300%. And in just a two-week period in March, such spam skyrocketed by 14,000%.