Phishing and Social Engineering Cause Over Half of Cyber Incidents

Exterminator

Exterminator

Community Manager
Thread author
Verified
Staff Member
Well-known
Oct 23, 2012
12,527
The Business Continuity Institute (BCI) has called for improved user education and cyber resilience after revealing that nearly two-thirds (64%) of global firms have experienced at least one cyber “disruption” in the past year.

The BCI’s latest Cyber Resilience Report comprises interviews with 734 respondents from 69 countries, and found one in six (15%) had experienced at least 10 disruptions in the 12-month period.

A BCI spokesman confirmed to Infosecurity that “disruption” refers in this case to “any cyber event that has a negative impact on the organization.”

Phishing and social engineering were the primary cause of more than half (57%) of disruptions, highlighting the urgent need for improved user education.

Those figures echo findings from this year’s Verizon Data Breach Investigations Report (DBIR), which revealed phishing was a part of 21% of attacks in 2016, up from only 8% the year previous.

With time of the essence when it comes to dealing with a threat, it’s disappointing that 67% claimed it takes their organization over one hour to respond to an incident, while 16% said it can take over four hours.

A third (33%) said that the ensuing disruption following an attack cost the firm more than €50,000 (£44K, $57K) while 13% experienced losses in excess of €250,000 (£222K, $284K).

One in five SME respondents (18%) reported cumulative losses of more than €50,000, a big deal for smaller firms.

On the plus side, 87% of organizations polled reported having business continuity arrangements in place to respond to cyber incidents.

The WannaCry epidemic and this week’s ‘NotPetya’ attacks have shown just how fragile major organizations’ IT infrastructure is.

Big name firms including DLA Piper, Maersk, Merck, WPP and others have all been struck by the latest ransomware ‘worm’ to use NSA exploits and a host of other propagation and infection techniques.

David Thorp, executive director at the BCI, argued that IT silos need to be broken down if firms want to improve their resilience to such threats.

“Co-operation is key to building cyber and organizational resilience,” he added. “Different disciplines such as business continuity, information security and risk management need to come together, share intelligence and start speaking the same language if they want to build a safer future for their organizations and communities.”
Click to expand...
 
  • Like
Reactions: Andy Ful, ElectricSheep, Der.Reisende and 3 others
frogboy

frogboy

In memoriam 1961-2018
Verified
Top Poster
Well-known
Jun 9, 2013
6,720
In2an3_PpG said:
While training can help minimize the risk. You will still have click happy people.
Click to expand...
Yes for sure. ;)

QJMethc.jpg
 
  • Like
Reactions: ElectricSheep, Der.Reisende, Deletedmessiah and 1 other person
You must log in or register to reply here.

Similar threads

Gandalf_The_Grey
    • Like
    • +Reputation
    • Thanks
AV-TEST Europe: Cyber-Incidents in Numbers: Year 2023
Replies
1
Views
440
Security Statistics and Reports
Bot
Bot
MuzzMelbourne
    • Like
    • Applause
    • Wow
How AI Can Help Organizations Adapt and Recover From Cyberattacks
Replies
0
Views
746
News Archive
MuzzMelbourne
MuzzMelbourne
Practical Response
    • Like
    • +Reputation
Security News MITRE Response to Cyber Attack in One of Its R&D Networks
Replies
0
Views
1,337
Security News
Practical Response
Practical Response

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

Quick Navigation

Forum Rules Warning System Welcome Guide Two-factor Authentication

User Menu

Login

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top