Enterprise organizations, on average, take more than three days to discover and remove phishing emails that passed their security defenses and landed in employee inboxes.
Contributing to the delay is a combination of factors, including a lack of investigative tools, security resources, and employee awareness.
Barracuda Network recently analyzed data gathered from some 3,500 organizations in a bid to better understand what happens after a phishing email ends up on a user system. The analysis shows an average organization with around 1,100 employees experienced around 15 incidents per month where phishing email got past their malware- and email- filtering tools. An average of 10 employees were impacted in each of these incidents.
Mike Flouton, vice president, products at Barracuda, says the attacks that do get through enterprise defenses typically tend to be highly targeted and focused on a small set of selected users within an organization.
"So it's not the case that 10 users received emails and others didn't because it was blocked, but rather attackers targeted 10 users only to begin with," Flouton says.
Email security tools have generally become very efficient at blocking large-scale attacks, he says. Rather, it's often social engineering attacks that are much smaller in scale that get through.
Phishing continues to be one of the primary attack vectors for threat actors looking for an initial entry point into an enterprise network. Malware hidden in email attachments or on sites to which users are directed after clicking on an email phishing link have caused more compromises in recent years than almost any other attack vector. Verizon's "2021 Data Breach Investigations Report" (DBIR) showed phishing to be the cause for s ..
Support the originator by clicking the read the rest link below.
