Phishing, probably one of the oldest tricks in the book of cybercrime, is still very much in play. Despite efforts made by organizations and governments over these past years (from the context of awareness), the Fed’s security agency pegs 90% of all cyberattacks on phishing. This is because phishing relies on exploiting the human element (negligence and deception) that can neither be programmed, predicted nor foiled by technology alone.
But not all is doom and gloom. Empirical evidence suggests that employees who receive security awareness training are far better at recognizing security threats than those that haven't received any form of structured training.