Ransomware: Industries Most at Risk

Category: Blog, Security  |  Thursday, January 25th, 2018

Ever wonder how hackers target their victims? It seems certain industries are more prone than others.

According to a new study from KnowBe4 on the phishing statistics for top industries, small insurance companies have the highest percentage of phish-prone employees in the small to mid-size organization category. Not-for-profit organizations are hit the most in the large organization pool.

The research, compiled from more than six million users across nearly 11,000 organizations, gauges real-world phishing results. On a positive note, the data shows a major decrease in careless clicking, to just 13 percent, 90 days after initial cybersecurity training and simulated phishing, and an even steeper drop to 2% after 12 months of combined phishing and computer-based training.

Researchers anonymously tracked users by company size and industry in three areas:
1. A baseline phishing security test
2. Results after 90 days of combined computer-based training and simulated phishing
3. Results after one year of combined computer-based training and phishing

The results after one year are encouraging.

“What this data from KnowBe4 emphasizes is that one of the biggest issues affecting organizations is still that of the human element. Ultimately, you could have all the security systems in the world, and adopt a multi-layered approach, but if it isn’t driven from the top down, then it has little effect. The most successful companies that we work with are the ones that have taken cyber and information security into the boardroom and have it as a number one priority,” Andy Miles, CEO of ThinkMarble, said to Help Net Security.

“Executives and Directors have a responsibility and a duty to protect their companies and people and, just like they take Health and Safety seriously for fear of financial and reputational repercussions, the same approach needs to be adopted for basic cyber hygiene principles. Week in, week out, we see businesses being compromised and held to ransom. What will it take for this issue to be taken seriously in the boardroom? We should take the lead from the New York State, Department of Financial Services, that has implemented new regulations in which it is no longer a matter of what ‘should’ be done but what ‘must’ be done to comply and protect the data and information held within the business. If the boardroom can’t understand and get the basics right, then there is a good chance they will suffer an attack,” Miles concluded.

If your business needs assistance with cybersecurity training, give EnhancedTECH a call at 714-970-9330 or contact us at [email protected]

Source Image: https://unsplash.com/photos/fkvdNRIew6A

Samantha Keller

Director of Marketing and PR at EnhancedTECH
Samantha Keller (AKA Sam) is a published author, tech-blogger, event-planner and mother of three fabulous humans. Samantha has worked in the IT field for the last fifteen years, intertwining a freelance writing career along with technology sales, events and marketing. She began working for EnhancedTECH ten years ago after earning her Bachelor’s degree from UCLA and attending Fuller Seminary. She is a lover of kickboxing, extra-strong coffee, and Wolfpack football. Her regular blog columns feature upcoming tech trends, cybersecurity tips, and practical solutions geared towards enhancing your business through technology.