The Latest Proofpoint News
Product and Solution Information, Press Releases, Announcements
|Proofpoint’s State of the Phish Report Stresses the Need for User Training and Email Reporting as Targeted Attacks Climb|
|Posted: Thu Jan 23, 2020 02:46:31 PM|
New study finds that nearly 90% of organizations faced business email compromise (BEC) and spear phishing attacks in 2019
SUNNYVALE, Calif., January 23, 2020 -- Proofpoint, Inc., (NASDAQ: PFPT), a leading cybersecurity and compliance company, today released its sixth annual global State of the Phish report, which provides an in-depth look at user phishing awareness, vulnerability, and resilience. Among the key findings, nearly 90 percent of global organizations surveyed were targeted with business email compromise (BEC) and spear phishing attacks, reflecting cybercriminals’ continued focus on compromising individual end users. Seventy-eight percent also reported that security awareness training activities resulted in measurable reductions in phishing susceptibility.
Proofpoint’s annual State of the Phish report examines global data from nearly 50 million simulated phishing attacks sent by Proofpoint customers over a one-year period, along with third-party survey responses from more than 600 information security professionals in the U.S., Australia, France, Germany, Japan, Spain, and the UK. The report also analyzes the fundamental cybersecurity knowledge of more than 3,500 working adults who were surveyed across those same seven countries.
“Effective security awareness training must focus on the issues and behaviors that matter most to an organization’s mission,” said Joe Ferrara, senior vice president and general manager of Security Awareness Training for Proofpoint. “We recommend taking a people-centric approach to cybersecurity by blending organization-wide awareness training initiatives with targeted, threat-driven education. The goal is to empower users to recognize and report attacks.”
End-user email reporting, a critical metric for gauging positive employee behavior, is also examined within this year’s report. The volume of reported messages jumped significantly year over year, with end users reporting more than nine million suspicious emails in 2019, an increase of 67 percent over 2018. The increase is a positive sign for infosec teams, as Proofpoint threat intelligence has shown a trend toward more targeted, personalized attacks over bulk campaigns. Users need to be increasingly vigilant in order to identify sophisticated phishing lures, and reporting mechanisms allow employees to alert infosec teams to potentially dangerous messages that evade perimeter defenses.
Additional State of the Phish report global findings include the following takeaways. Specifics on North America, EMEA, and APAC are detailed within the report as well.
To download the State of the Phish 2020 report, and see a full list of global comparisons, please visit: https://www.proofpoint.com/us/resources/threat-reports/state-of-phish. For more information on cybersecurity awareness best practices and training, please visit: https://www.proofpoint.com/us/product-family/security-awareness-training.