https://www.channelfutures.com/wp-content/themes/channelfutures_child/assets/images/logo/footer-new-logo.png
  • Home
  • Technologies
    • Back
    • Analytics
    • Artificial Intelligence
    • Cloud
    • Data Centers
    • Desktop
    • IoT
    • Mobility
    • Networking
    • Open Source
    • RMM/PSA
    • Security
    • Virtualization
    • Voice/Connectivity
  • Strategy
    • Back
    • Best Practices
    • Business Models
    • Channel 101
    • Channel Programs
    • Channel Research
    • Digital Transformation
    • Diversity & Inclusion
    • Leadership
    • Mergers and Acquisitions
    • Sales & Marketing
    • Specialty Practices
  • MSSP Insider
    • Back
    • Business of Security
    • Cloud and Edge
    • Endpoint
    • Network
    • People and Careers
    • Training and Policies
  • MSP 501
    • Back
    • 2020 MSP 501 Rankings
    • 2020 Hot 101 Rankings
    • 2020 MSP 501 Report
  • Intelligence
    • Back
    • Our Sponsors
    • From the Industry
    • Content Resources
    • COVID-19 Partner Help
    • Galleries
    • Podcasts
    • Reports
    • Videos
    • Webinars
    • White Papers
  • EMEA
  • Awards
    • Back
    • Excellence in Digital Services
    • 2020 MSP 501
    • Top Gun 51
  • Events
    • Back
    • CP Conference & Expo
    • Channel Partners Evolution
    • Channel Evolution Europe
    • Channel Partners Event Coverage
    • Webinars
  • Channel Mentor
    • Back
    • Channel Market Intelligence
    • Channel Educational Series
Channel Futures
  • NEWSLETTER
  • Home
  • Technologies
    • Back
    • Analytics
    • Artificial Intelligence
    • Cloud
    • Data Centers
    • Desktop
    • IoT
    • Mobility
    • Networking
    • Open Source
    • RMM/PSA
    • Security
    • Virtualization
    • Voice/Connectivity
  • Strategy
    • Back
    • Best Practices
    • Business Models
    • Channel 101
    • Channel Programs
    • Channel Research
    • Digital Transformation
    • Diversity & Inclusion
    • Leadership
    • Mergers and Acquisitions
    • Sales & Marketing
    • Specialty Practices
  • MSSP Insider
    • Back
    • Business of Security
    • Cloud and Edge
    • Endpoint
    • Network
    • People and Careers
    • Training and Policies
  • MSP 501
    • Back
    • 2020 MSP 501 Rankings
    • 2020 Hot 101 Rankings
    • 2020 MSP 501 Report
  • Intelligence
    • Back
    • Our Sponsors
    • From the Industry
    • Content Resources
    • COVID-19 Partner Help
    • Galleries
    • Podcasts
    • Reports
    • Videos
    • Webinars
    • White Papers
  • EMEA
  • Awards
    • Back
    • Excellence in Digital Services
    • 2020 MSP 501
    • Top Gun 51
  • Events
    • Back
    • CP Conference & Expo
    • Channel Partners Evolution
    • Channel Evolution Europe
    • Channel Partners Event Coverage
    • Webinars
  • Channel Mentor
    • Back
    • Channel Market Intelligence
    • Channel Educational Series
    • Newsletter
  • REGISTER
  • MSPs
  • VARs / SIs
  • Digital Service Providers
  • Cloud Service Providers
  • CHANNEL PARTNERS ONLINE
 Channel Futures

MSSP Insider


Shutterstock

Phishing

Proofpoint: Ongoing, Targeted Training Best Defense Against Phishing

  • Written by Edward Gately
  • January 23, 2019
Phishing overtook ransomware attacks by an overwhelming margin in 2018.

A new report by Proofpoint found a 65 percent surge in enterprises compromised by phishing attacks globally in 2018.

The study analyzed tens of millions of simulated phishing emails sent to end users, nearly 15,000 responses from information-security (InfoSec) pros and 7,000 end users surveyed.

Phishing overtook ransomware attacks by an overwhelming margin in 2018. The impact of phishing is significant — attacks contributed to an increase in compromised credentials by more than 70 percent, leapfrogging malware infections to become the most commonly experienced impact in 2018, according to the study.

Proofpoint's Gretel Egan

Proofpoint’s Gretel Egan

According to another recent study – Vade Secure’s Q4 Phishers’ Favorites report – Microsoft remains the No. 1 impersonated brand. One credential can provide hackers with a single entry point to all of the apps under the Office 365 platform – as well as the files, data, contacts and other information stored in them – meaning that they can use these legitimate accounts to conduct insider attacks on colleagues or spear phishing attempts targeting business partners.

Gretel Egan, Proofpoint‘s brand communications manager, tells us the study shows a year-over-year increase in all forms of social engineering, and “we expect these threats to continue growing in scope and sophistication.”

“This presents a market opportunity for people-centric managed services that can proactively identify phishing susceptibility, measure end-user risk, and deliver regular security awareness training,” she said.

There is a common assumption that millennials and younger workers are more adept at identifying a phishing email, but the findings didn’t reflect that, Egan said.

“Baby boomers outperformed all other age groups in fundamental recognition of phishing and ransomware terminology, underscoring why organizations should not assume a younger workforce has an innate awareness of cybersecurity threats,” she said. “All age groups should be considered equally important in a security awareness training program.”

Some 57 percent of InfoSec professionals quantified a reduction in phishing susceptibility because of training programs, highlighting the effectiveness that security-awareness training can have on changing employee behavior, the study revealed. Further supporting this, 59 percent of suspicious emails reported by end users last year were classified as potential phishing, showing employees who are actively educated about malicious emails are being more diligent and thoughtful about the messages they receive, it said.

“When it comes to security awareness training programs, we found that organizations tend to issue fewer simulated phishing tests once they reach the two-year mark of their training program,” Egan said. “The threat landscape is continually changing, and new scams appear weekly if not daily. Rather than scaling back phishing simulations once organizations reach an ‘acceptable’ failure rate, MSSPs should challenge end users with more difficult security tests to keep them thinking and learning. And they should always keep an eye to emerging threats and work those themes into their campaigns, regardless of how long they’ve been testing users.”

MSSPs and other cybersecurity providers should prioritize identifying the specific individuals and/or departments that are considered “very attacked people,” she said. This insight allows organizations to employ a tailored, people-centric security approach that further educates specific departments and individuals on attack techniques and establishes greater security controls for susceptible employees, she said.

“Security awareness training and simulated phishing attacks should span many different themes – corporate, consumer, commercial and cloud – to best gauge the cybersecurity awareness of employees and their ability to recognize and avoid different lures,” Egan said. “Organizations should administer these tests monthly, and more regularly deliver commercial- and cloud-themed campaigns, as those most commonly fool users.”

For organizations that are committed to longer-term security awareness and training initiatives, average failure rates fall steadily as awareness training programs continue, with the most improvements occurring in programs that have been running for at least a year, according to the study.

Tags: MSPs Endpoint MSSP Insider Training and Policies

Related


  • Threat protection
    Critical Threat Protection Steps MSSPs, Other Partners Must Take Now
    In this second installment in our series on threat protection, vendors discuss what partners have to do this year.
  • Zero Trust Security
    3 Strategies for Selling Zero Trust in the Channel
    Switching to a zero-trust security approach reduces exposure to potential data breaches and helps drive down fixed costs.
  • Malicious hacker group
    BlackBerry Research: MSSPs Increasingly Targeted by Hacker-for-Hire Groups
    The cybercrime industry has adapted to new digital habits.
  • Threats
    Threat Protection Vendors: Why MSSPs Have to Ramp Up Efforts Right Now
    “Look no further than the headlines,” says one vendor. “You owe it to your customers,” says another.

Leave a comment Cancel reply

-or-

Log in with your Channel Futures account

Alternatively, post a comment by completing the form below:

Your email address will not be published. Required fields are marked *

Related Content

  • Secureworks Debuts New MSSP Partner Track, Analytics Platform
  • Cybercriminals Now Targeting Unemployment Benefit Claims
  • How Ransomware Is Accelerating in the COVID-19 Era
  • Cowbell Cyber Debuts Partner Program to Manage Cyber Risk

Galleries

View all

Channel Partners Virtual 2021 Is the Hottest Ticket in Town

February 26, 2021

Industry Perspectives

View all

The “Roaring 20s” Are Coming

February 25, 2021

Three Ways MSPs Can Improve Supply Chain Security

February 24, 2021

SASE: The Key to Mitigating Business Transformation Risk

February 22, 2021

Webinars

View all

A Partner’s Perspective on Channel Success in 2021

March 17, 2021

XDR and Why it Matters to MSPs

March 24, 2021

Top Security Trends Impacting Technology Security Providers In 2021

March 25, 2021

White Papers

View all

Ready To Add Cutting Edge IoT Solutions To Your Portfolio?

  • 1
February 25, 2021

What Is The Value Of Distribution For The Internet Of Things?

February 25, 2021

The Internet of Things (IoT): Where do You Begin?

  • 1
February 25, 2021

Upcoming Events

View all

Channel Partners Virtual

March 2, 2021 - March 4, 2021

Channel Partners Conference & Expo

November 1, 2021 - November 4, 2021

Videos and Fastchats

View all

FASTCHAT: How SOAR Eliminates Security Challenges and Elevates Service Provider Revenues

January 6, 2021

Happy Holidays from Channel Partners & Channel Futures!

December 21, 2020

FASTCHAT: How Old, Unpatched Technologies Are Creating New Security Threats for MSPs and Their Customers

December 3, 2020

Twitter

ChannelFutures

Amazon WorkSpaces @awscloud DaaS client will be available on @IGEL_Technology virtual endpoint client OS.… twitter.com/i/web/status/1…

February 26, 2021
ChannelFutures

.@VMware cutting more workers in California as part of ongoing #workforcerebalancing. #layoffs… twitter.com/i/web/status/1…

February 26, 2021
ChannelFutures

#CPVirtual is March 2-4. It’s the hottest ticket in town — any town, since it’s 100% online — so make sure you have… twitter.com/i/web/status/1…

February 26, 2021
ChannelFutures

.@datto, @ThreatLocker partner to streamline #MSP secure business operations. dlvr.it/RtYvJK https://t.co/nKGnwbblNO

February 26, 2021
ChannelFutures

Infographic: Why Partner with Sierra Wireless and GetWireless? dlvr.it/RtYh1m https://t.co/KcBFzXIx7l

February 26, 2021
ChannelFutures

Infographic: The Sierra Wireless Essential Series dlvr.it/RtYgxv https://t.co/CatxbRHzXr

February 26, 2021
ChannelFutures

#Threatprotection is no small matter for #MSSPs. Find out what vendors say you have to do this year to protect your… twitter.com/i/web/status/1…

February 26, 2021
ChannelFutures

Cloud strategies and cybersecurity are key, and #COVID19 will have more impact than #Brexit on U.K. channel, says… twitter.com/i/web/status/1…

February 26, 2021

MSSP Insider

Newsletters and Updates

Sign up for The Channel Report, Channel Futures Update, MSP 501 Newsletter and more.

Live Channel Events

Get the latest information on the next industry-leading Channel Partners event.

Channel Partners Online

Want more? Find more channel news and analysis on our sister site, Channel Partners.

Media Kit And Advertising

Want to reach our audience? Access our media kit

DISCOVER MORE FROM INFORMA TECH

  • Channel Partners Online
  • Channel Partners Events
  • MSP 501
  • MSSP Insider
  • IoT World Today
  • Webhostingtalk

WORKING WITH US

  • Contact
  • About us
  • Advertise
  • Newsletter

FOLLOW Channel Futures ON SOCIAL

  • Privacy
  • CCPA: “Do Not Sell My Data”
  • Cookie Policy
  • Terms
Copyright © 2021 Informa PLC. Informa PLC is registered in England and Wales with company number 8860726 whose registered and Head office is 5 Howick Place, London, SW1P 1WG.
This website uses cookies, including third party ones, to allow for analysis of how people use our website in order to improve your experience and our services. By continuing to use our website, you agree to the use of such cookies. Click here for more information on our Cookie Policy and Privacy Policy.
X