“Life in the SOC” is a Blog Series that shares experiences of the BlueVoyant SOC defending against the current and prevalent attacks encountered by our clients. The blogs discuss successful detection, response and mitigation actions that can improve your defensive capabilities.
December and January saw a dramatic upward swing in Phishing. It has since leveled off, but still remains the top attack vector among cyber criminals. While most organizations are aware of the phishing problem, many still struggle with how to deal with it. Disconnects between practitioners and decision makers need to be looked at, but on the whole, users are not prepared to confront this ever-changing threat.
A recent study conducted by Osterman Research surveyed 252 cross-industry security professionals from the US and UK. Among its key findings, the survey revealed that decision makers are four times more likely than security practitioners to consider email security the highest priority. This suggests that security personnel believe they have a sufficient handle on phishing prevention while the C-Suite still sees substantial business risk. The report also suggests organizations do not have proper training and controls in place to confront the phishing problem.
Key research findings: