Phishing and Social Engineering Cause Over Half of Cyber Incidents

Exterminator

The Business Continuity Institute (BCI) has called for improved user education and cyber resilience after revealing that nearly two-thirds (64%) of global firms have experienced at least one cyber “disruption” in the past year.

The BCI’s latest Cyber Resilience Report comprises interviews with 734 respondents from 69 countries, and found one in six (15%) had experienced at least 10 disruptions in the 12-month period.

A BCI spokesman confirmed to Infosecurity that “disruption” refers in this case to “any cyber event that has a negative impact on the organization.”

Phishing and social engineering were the primary cause of more than half (57%) of disruptions, highlighting the urgent need for improved user education.

Those figures echo findings from this year’s Verizon Data Breach Investigations Report (DBIR), which revealed phishing was a part of 21% of attacks in 2016, up from only 8% the year previous.

With time of the essence when it comes to dealing with a threat, it’s disappointing that 67% claimed it takes their organization over one hour to respond to an incident, while 16% said it can take over four hours.

A third (33%) said that the ensuing disruption following an attack cost the firm more than €50,000 (£44K, $57K) while 13% experienced losses in excess of €250,000 (£222K, $284K).

One in five SME respondents (18%) reported cumulative losses of more than €50,000, a big deal for smaller firms.

On the plus side, 87% of organizations polled reported having business continuity arrangements in place to respond to cyber incidents.

The WannaCry epidemic and this week’s ‘NotPetya’ attacks have shown just how fragile major organizations’ IT infrastructure is.

Big name firms including DLA Piper, Maersk, Merck, WPP and others have all been struck by the latest ransomware ‘worm’ to use NSA exploits and a host of other propagation and infection techniques.

David Thorp, executive director at the BCI, argued that IT silos need to be broken down if firms want to improve their resilience to such threats.

“Co-operation is key to building cyber and organizational resilience,” he added. “Different disciplines such as business continuity, information security and risk management need to come together, share intelligence and start speaking the same language if they want to build a safer future for their organizations and communities.”
 

frogboy

In memoriam 1961-2018
While training can help minimize the risk, you will still have click-happy people.
Yes for sure. ;)

 
