Phishing Identified As Most Concerning Security Threat In Two Local Reports

 

Two recently released reports have highlighted that Phishing attacks continue to be a major threat and problem for organisations in New Zealand and Australia.

In New Zealand the latest NCSC Cyber Threat Report outlines that they recorded 396 incidents for the 2016-17 year, an increase of 58 over the previous year. Phishing remains the most common delivery mechanism for threats because individual users remain vulnerable to deception, frequently clicking on malicious links or opening malicious attachments.

The report goes on to say that the ongoing success of common techniques, such as Phishing and publically known vulnerabilities, demonstrates that adversaries are able to stay ahead without much effort. Their report unfortunately does not breakout local statistics on Phishing.

However, in the second report coming out of Australia which was commissioned in Q1 2017 by PhishMe and delivered by Censuswide (an international market survey consultancy) shows that 89% of Australian IT professionals surveyed have dealt with security incidents originating from deceptive emails, yet nearly half feel unprepared to respond to such threats.

The report highlights that despite technology investments, Australian-based organisations are flooded with suspicious emails targeting employees. 85% of respondents confirmed to be utilising computer based training solutions and 66% are using email gateway filtering to protect against phishing attacks.

According to the Ponemon Institute, malicious or criminal attacks account for 48% of data breaches in Australia, with the number of yearly attacks averaging 18,000. In line with phishing response trends emerging from the US and UK markets, Australian-based organisations claimed to be almost as unprepared to combat phishing attacks despite having dealt with more email-related incidents.

Key findings from the survey include:

  • 89% have dealt with security incidents originating from a deceptive email
  • More than 60% have faced an email threat more than once
  • Over a third of respondents see more than 500 suspicious emails weekly
  • Nearly all respondents have between one and four security layers already in place
  • Email-related threats are Australia’s biggest security concern
  • Over 50% of respondents highlighted technology alone isn’t the answer to phishing
  • 95% of surveyed IT professionals plan to upgrade their phishing response and prevention

To compile the Australian report Censuswide surveyed one hundred select IT professionals, largely senior decision makers, on phishing response strategies. The sample represented firms belonging to a variety of industries including business services, high tech, manufacturing, healthcare, financial, retail & wholesale trades, transportation, consumer services and telecommunications. All participants joined voluntarily and no telemarketing techniques were implemented.

So what to do?

NCSC don’t see that phishing activity will decrease in the near future and nearly half of the surveyed organisations in Australia stated that they feel ill-prepared to process and adequately respond to such threats.

MPA has recently signed a partnership deal with PhishMe, the leading provider of human-focused phishing defence solutions for organisations concerned about their susceptibility to today’s top attack vector.

Phishing is the primary method of entry in cyber-attacks world-wide and many high profile breaches emanate from a single, successful phish. Since it typically takes more than 200 days to detect a breach, organisations need to focus their efforts on prevention and response to neutralise these highly successful attack methods.

Even with record investments, the number of breaches attributed to phishing attacks continues to grow. It’s obvious that technology alone can’t solve the problem. That’s why PhishMe solutions focus on engaging the human–your last line of defence after a phish bypasses other technology–for better prevention and response. PhishMe delivers a comprehensive human phishing defence platform focused on fortifying employees and enabling incident response teams to quickly analyse and respond to targeted phishing attacks.

To view NCSC report CLICK HERE

The full report from Census and PhishMe is available for download here.

Limited offer - Free Phishing Simulation* – we have 5 free simulations on offer – Do you wish to turn your employees into an active line of defence? – email sales@mpa.co.nz

*Subject to terms and conditions.

Bruce Armstrong -
Consultant 

Bruce has a background in sales and marketing and has spent many years in IT in both Wellington and Auckland. He has worked for the large multi-nationals Microsoft and HP, and in more recent times has focused on information security solutions and products, and cloud infrastructure and delivery. Based in Wellington Bruce manages sales in the Wellington and Southern regions for MPA.  

Bruce has an ability to work with partners to get the best outcome in complex IT problems, and work through options and issues. With a love of all things technology and a dislike of techno-babble, Bruce is a great guy to talk to about your security and IT plans and projects.


Latest Security Problems Solved

Privileged Password Management - Pitfalls to consider More >
SIEM matures, however landscape changes. More >
What Does It Take To Lower Your Mobile Cost Of Ownership? More >
2014: The Year Encryption Comes of Age More >
Our Solutions
Security Solutions

We work with leaders in the fields of data protection, authentication and perimeter security to protect your organisation and manage any threats with the most effective security systems. More >

Technical Services

MPA New Zealand Ltd provides a range of technical services to compliment the vendor technology our company brings to the local market. More >