https://www.channelfutures.com/wp-content/themes/channelfutures_child/assets/images/logo/footer-new-logo.png
  • Home
  • Technologies
    • Back
    • SDN/SD-WAN
    • Cloud
    • RMM/PSA
    • Security
    • Telephony/UC/Collaboration
    • Cable
    • Mobility & Wireless
    • Fiber/Ethernet
    • Data Centers
    • Backup & Disaster Recovery
    • IoT
    • Desktop
    • Artificial Intelligence
    • Analytics
  • Strategy
    • Back
    • Mergers and Acquisitions
    • Channel Research
    • Business Models
    • Distribution
    • Technology Solutions Brokerages
    • Sales & Marketing
    • Best Practices
    • Vertical Markets
    • Regulation & Compliance
  • MSP 501
    • Back
    • 2022 MSP 501 Rankings
    • 2022 NextGen 101 Rankings
  • Intelligence
    • Back
    • Galleries
    • Podcasts
    • From the Industry
    • Reports/Digital Issues
    • Webinars
    • White Papers
  • Channel Futures TV
  • EMEA
  • Channel Chatter
    • Back
    • People on the Move
    • New/Changing Channel Programs
    • New Products & Services
    • Industry Honors
  • Resources
    • Back
    • Advisory Boards
    • Industry Organizations
    • Our Sponsors
    • Advertise
    • 2023 Editorial Calendar
  • Awards
    • Back
    • 2022 MSP 501
    • Channel Influencers
    • Circle of Excellence
    • DE&I 101
    • Technology Advisor 101 (TA 101)
  • Events
    • Back
    • 2023 Call for Speakers
    • CP Conference & Expo
    • MSP Summit
    • Channel Partners Europe
    • Channel Partners Event Coverage
    • Webinars
    • Industry Events
  • About Us
  • DE&I
Channel Futures
  • NEWSLETTER
  • Home
  • Technologies
    • Back
    • SDN/SD-WAN
    • Cloud
    • RMM/PSA
    • Security
    • Telephony/UC/Collaboration
    • Cable
    • Mobility & Wireless
    • Fiber/Ethernet
    • Data Centers
    • Backup & Disaster Recovery
    • IoT
    • Desktop
    • Artificial Intelligence
    • Analytics
  • Strategy
    • Back
    • Mergers and Acquisitions
    • Channel Research
    • Business Models
    • Distribution
    • Technology Solutions Brokerages
    • Sales & Marketing
    • Best Practices
    • Vertical Markets
    • Regulation & Compliance
  • MSP 501
    • Back
    • 2022 MSP 501 Rankings
    • 2022 NextGen 101 Rankings
  • Intelligence
    • Back
    • Galleries
    • Podcasts
    • From the Industry
    • Reports/Digital Issues
    • Webinars
    • White Papers
  • Channel Futures TV
  • EMEA
  • Channel Chatter
    • Back
    • People on the Move
    • New/Changing Channel Programs
    • New Products & Services
    • Industry Honors
  • Resources
    • Back
    • Advisory Boards
    • Industry Organizations
    • Our Sponsors
    • Advertise
    • 2023 Editorial Calendar
  • Awards
    • Back
    • 2022 MSP 501
    • Channel Influencers
    • Circle of Excellence
    • DE&I 101
    • Technology Advisor 101 (TA 101)
  • Events
    • Back
    • 2023 Call for Speakers
    • CP Conference & Expo
    • MSP Summit
    • Channel Partners Europe
    • Channel Partners Event Coverage
    • Webinars
    • Industry Events
  • About Us
  • DE&I
    • Newsletter
  • REGISTER
  • MSPs
  • VARs / SIs
  • Agents
  • Cloud Service Providers
  • Channel Partners Events
 Channel Futures

MSSP Insider


Shutterstock

Phishing

Proofpoint: Ongoing, Targeted Training Best Defense Against Phishing

  • Written by Edward Gately
  • January 23, 2019
Phishing overtook ransomware attacks by an overwhelming margin in 2018.

A new report by Proofpoint found a 65 percent surge in enterprises compromised by phishing attacks globally in 2018.

The study analyzed tens of millions of simulated phishing emails sent to end users, nearly 15,000 responses from information-security (InfoSec) pros and 7,000 end users surveyed.

Phishing overtook ransomware attacks by an overwhelming margin in 2018. The impact of phishing is significant — attacks contributed to an increase in compromised credentials by more than 70 percent, leapfrogging malware infections to become the most commonly experienced impact in 2018, according to the study.

Proofpoint's Gretel Egan

Proofpoint’s Gretel Egan

According to another recent study – Vade Secure’s Q4 Phishers’ Favorites report – Microsoft remains the No. 1 impersonated brand. One credential can provide hackers with a single entry point to all of the apps under the Office 365 platform – as well as the files, data, contacts and other information stored in them – meaning that they can use these legitimate accounts to conduct insider attacks on colleagues or spear phishing attempts targeting business partners.

Gretel Egan, Proofpoint‘s brand communications manager, tells us the study shows a year-over-year increase in all forms of social engineering, and “we expect these threats to continue growing in scope and sophistication.”

“This presents a market opportunity for people-centric managed services that can proactively identify phishing susceptibility, measure end-user risk, and deliver regular security awareness training,” she said.

There is a common assumption that millennials and younger workers are more adept at identifying a phishing email, but the findings didn’t reflect that, Egan said.

“Baby boomers outperformed all other age groups in fundamental recognition of phishing and ransomware terminology, underscoring why organizations should not assume a younger workforce has an innate awareness of cybersecurity threats,” she said. “All age groups should be considered equally important in a security awareness training program.”

Some 57 percent of InfoSec professionals quantified a reduction in phishing susceptibility because of training programs, highlighting the effectiveness that security-awareness training can have on changing employee behavior, the study revealed. Further supporting this, 59 percent of suspicious emails reported by end users last year were classified as potential phishing, showing employees who are actively educated about malicious emails are being more diligent and thoughtful about the messages they receive, it said.

“When it comes to security awareness training programs, we found that organizations tend to issue fewer simulated phishing tests once they reach the two-year mark of their training program,” Egan said. “The threat landscape is continually changing, and new scams appear weekly if not daily. Rather than scaling back phishing simulations once organizations reach an ‘acceptable’ failure rate, MSSPs should challenge end users with more difficult security tests to keep them thinking and learning. And they should always keep an eye to emerging threats and work those themes into their campaigns, regardless of how long they’ve been testing users.”

MSSPs and other cybersecurity providers should prioritize identifying the specific individuals and/or departments that are considered “very attacked people,” she said. This insight allows organizations to employ a tailored, people-centric security approach that further educates specific departments and individuals on attack techniques and establishes greater security controls for susceptible employees, she said.

“Security awareness training and simulated phishing attacks should span many different themes – corporate, consumer, commercial and cloud – to best gauge the cybersecurity awareness of employees and their ability to recognize and avoid different lures,” Egan said. “Organizations should administer these tests monthly, and more regularly deliver commercial- and cloud-themed campaigns, as those most commonly fool users.”

For organizations that are committed to longer-term security awareness and training initiatives, average failure rates fall steadily as awareness training programs continue, with the most improvements occurring in programs that have been running for at least a year, according to the study.

Tags: MSPs Endpoint MSSP Insider Security Training and Policies

Most Recent


  • Man's silhouette behind a transparent cell graphic and the letters RMM
    Hackers Use Legitimate RMM Software to Steal from Federal Employees
    Attacks on RMMs have caused "insurmountable" losses for SMBs.
  • INtelisys AMP'd Newport Beach 2023
    Intelisys AMP'd Images: Partners Explore B2B Purchasing Trends, CX, Security Solutions
    Customers "literally don't know" how their own buying journey works, and that's an opportunity for partners.
  • Slow investment
    The Gately Report: Cybersecurity M&A, Investment Likely to Cool Somewhat in 2023
    Meantime, the FBI prevented more than $130 million in ransom payments to the Hive ransomware group.
  • Momentum
    Microsoft Security Now $20 Billion Business with 'Tremendous Momentum'
    One analyst says there's few legitimate obstacles in its path for further growth.

Leave a comment Cancel reply

-or-

Log in with your Channel Futures account

Alternatively, post a comment by completing the form below:

Your email address will not be published. Required fields are marked *

Related Content

  • Security Vulnerability
    Older Fortinet Vulnerabilities Lead to Attack on Local Government Office
  • Threats
    Cybersecurity and Threat Protection: MSSPs, Get Your Advice Here
  • DevSecOps
    ServiceNow, Microsoft Set to Deliver Broad SecOps Integration
  • Dunce Cap Businessman
    Tired of MSSPs ‘Failing,’ Nuspire Debuts Platform to Combat Cyberattacks

Upcoming Events

View all

Channel Partners Conference & Expo

May 1, 2023 - May 4, 2023

Channel Partners Europe

June 13, 2023 - June 14, 2023

Channel Futures Leadership Summit

October 30, 2023 - November 2, 2023

Galleries

View all

7 Channel People Making Waves This Week at 8×8, Intel, Google Cloud, RingCentral, More

January 27, 2023

Intelisys AMP’d Images: Partners Explore B2B Purchasing Trends, CX, Security Solutions

January 27, 2023

Intel Earnings ‘A Crime Scene,’ ‘Astonishingly Bad,’ ‘Historic Collapse’

January 27, 2023

Industry Perspectives

View all

Make the Most of the Gift of Time in 2023

January 25, 2023

Strong Partnerships Ease Challenging UPS Upgrade

January 24, 2023

The Advantages of Managed Networking and Security During Economic Uncertainty

January 5, 2023

Webinars

View all

Next-Generation MSP Platform: The Building Blocks for Your Business

February 15, 2023

Security Secrets of the MSP 501: How to Be a Cyber Leader in 2023

December 15, 2022
  • 1

Cybersecurity Certifications: Their Evolving Role in the Fight Against Increasing Attacks

December 13, 2022

White Papers

View all

Overcoming Your Endpoint Security Limitations with a Skeleton Crew

October 25, 2022

Embracing the Zero Trust Mindset For Endpoints

October 24, 2022

Endpoints are the Destination

October 24, 2022

Channel Futures TV

View all

Coffee with Craig and James Episode 117: Cato Networks, Video Killed the Podcast Stars

Retired Astronaut Capt. Scott Kelly Previews His CP Expo Keynote

December 21, 2022

Fusion Connect Eyes Future with Intrado UC, Managed Network Customers

September 23, 2022

RingCentral Focused on Hybrid Work, Microsoft Teams, Other Integrations

September 23, 2022

Twitter

ChannelFutures

Cybersecurity advisory warns of hackers' malicious use of #RMM. @CISACyber dlvr.it/ShYRwg https://t.co/zsBvQWqOYY

January 27, 2023
ChannelFutures

Reaction to #Intel earnings coming in fast and furious. Find out what investors are saying, and how CEO Pat Gelsing… twitter.com/i/web/status/1…

January 27, 2023
ChannelFutures

Our latest #GatelyReport looks at #cybersecurity M&A, investment with @progresspartner, @cyber_advisory, @FBI Hive… twitter.com/i/web/status/1…

January 27, 2023
ChannelFutures

.@channelsmart says plan and boost client #retention efforts to reduce #churn. dlvr.it/ShXvhj https://t.co/4jyHPCjTBn

January 27, 2023
ChannelFutures

The CEO of @Mitel discusses the likely outcomes of buying @Atos Unify. Note: @RingCentral will play a role post acq… twitter.com/i/web/status/1…

January 26, 2023
ChannelFutures

.@msftsecurity surpasses $20 billion in annual revenue, analysts say it's a formidable #cybersecurity market conten… twitter.com/i/web/status/1…

January 26, 2023
ChannelFutures

The adoption of cloud-based services ☁️ has spiked in the last few years and is among the top growth segments. See… twitter.com/i/web/status/1…

January 26, 2023
ChannelFutures

[email protected], @NICECXone, @lumencpp, @CiscoPartners joined @IntelisysCorp and partners for a day of marketing worksho… twitter.com/i/web/status/1…

January 26, 2023

MSP 501

The industry's largest and most comprehensive partner awards program.

Newsletters and Updates

Sign up for The Channel Report, Channel Futures Update, MSP 501 Newsletter and more.

Live Channel Events

Get the latest information on the next industry-leading Channel Partners event.

Galleries

Educational slide shows and images from live events.

Media Kit And Advertising

Want to reach our audience? Access our media kit.

DISCOVER MORE FROM INFORMA TECH

  • Channel Partners Events
  • Telecoms.com
  • MSP 501
  • Black Hat
  • IoT World Today
  • Omdia

WORKING WITH US

  • Contact
  • About Us
  • Advertise
  • Newsletter

FOLLOW Channel Futures ON SOCIAL

  • Privacy
  • CCPA: “Do Not Sell My Data”
  • Cookie Policy
  • Terms
Copyright © 2023 Informa PLC. Informa PLC is registered in England and Wales with company number 8860726 whose registered and Head office is 5 Howick Place, London, SW1P 1WG.
This website uses cookies, including third party ones, to allow for analysis of how people use our website in order to improve your experience and our services. By continuing to use our website, you agree to the use of such cookies. Click here for more information on our Cookie Policy and Privacy Policy.
X