Much like the It (the clown), phishing goes by many names, has become much more adept at preying on the hopes and fears of individuals, and is growing rapidly as criminals learn which techniques are most effective.
Ninety-four percent of large businesses in the U.S. have a cybersecurity policy, according to the 2017 Cybersecurity Survey by Clutch, and most of them have had a policy for more than three years. U.S. enterprises are more likely to have a cybersecurity policy than most global organizations (two-thirds of which lack a formal cybersecurity policy), and policies most commonly include required security software, backups, scam detection and security incident reporting protocols.
If you thought phishing emails were going away anytime soon, think again. According to Symantec’s July Intelligence report, “one in every 1,968 emails” during the 31-day month was a malicious phishing message – the highest rate in the past 12 months.
Until the massive U.S. Target store credit and debit card data breach in 2013, the lasting impact of cybercrimes was a relatively unknown experience to most consumers, and it wasn’t on the top list of HR onboarding topics either.
To combat the problem, the IRS updated its computer files to identify more fraudulent returns, and the major tax preparers have increased their security. However, as individuals’ tax returns are becoming more difficult to manipulate, thieves are taking aim at data belonging to tax return preparers and tax professionals, the payroll community, small employers and human resource departments.
According to Symantec’s Monthly Threat report, the number of web attacks almost doubled in April of this year alone, up from 584,000 per day to 1,038,000 per day.
A recent survey by Rapid 7 found that security professionals are struggling to detect and investigate incidents because the monitoring solutions available do not provide visibility into today’s modern IT environments and cannot give users the insight they need to make decisions quickly.
As our lives become more and more digital and increasingly connected, information security (infosec) seems to have become a continuous cycle of good and bad news.
For a long time now, people (employees, users) have been touted as ‘the weakest link’ because of the tendency to make mistakes or try to bypass cumbersome processes, with no malicious or criminal intent in mind,” says Anthony Lim, Senior Cybersecurity Advisor, Asia Pacific, for Frost & Sullivan and Vice-Chair for (ISC)2 Application Security Advisor Council.