Forget Hackers, The Biggest Internet Security Threat Is Closer to Home

Uploaded on 2015-05-01 in TECHNOLOGY--Hackers, NEWS-News Analysis, FREE TO VIEW

source: Verizon

High profile, embarrassing data hacks like the Sony email breach and the Target credit card scandal receive the bulk of the media attention, but there's a bigger threat to Internet security that's much closer to home. 

The 2015 Data Breach Investigation Report conducted by Verizon shows that the biggest threat to your private information may actually be you!

Phishing campaigns, which send malicious emails disguised as legitimate correspondence, have become not only more prevalent but also more effective in tricking Internet users to open them. In past years, the DBIR reported that the overall effectiveness of phishing campaigns was between 10%-20%. However, in this year's report, DBIR notes that the trend has worsened "with 23% of recipients now opening phishing messages and 11% clicking on attachments." 
Unfortunately, the scammers have become far cleverer with their campaigns, according to the report.
Now, these messages are rarely sent in isolation. Many are sent as part of a slow and steady campaign. The numbers again show that a campaign of just 10 emails yields a greater than 90% chance that at least one person will become the criminal's prey.

So how can you protect yourself? The authors of the DBIR take some solace knowing that Internet users do not open or interact with 75% of phishing emails. In the past, Internet users could simply use common sense to stay safe from predatory e-mail scams, but because the phishing campaigns include smarter techniques today, the report suggested three solutions to limit the problem:

  •   Better email filtering before messages arrive in user in-boxes
  •   Developing and executing an engaging and thorough security awareness program
  •   Improved detection and response capabilities

In many cases, however, it's human diligence and not technology that represent the frontline of defense. This can be maximized in a business setting.

"One of the most effective ways you can minimize the phishing threat is through effective awareness and training," said Lance Spitzner from the SANS Institute, a cooperative research and education organization, which focuses on security issues. 

Motley Fool:  http://bit.ly/1GMnj81   Verizon: http://vz.to/1GFmIEE

« Stellar Wind: CIA analysts didn’t use the NSA’s Spy program.
Is the US - Iran Cyber War Over? »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

Resecurity, Inc.

Resecurity, Inc.

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

European Cyber Security Organisation (ECSO)

European Cyber Security Organisation (ECSO)

The main objective of ECSO is to support all types of initiatives or projects that aim to develop, promote and encourage European cybersecurity.

ForgeRock

ForgeRock

ForgeRock, the leader in digital identity, delivers comprehensive Identity and Access Management solutions for consumers, employees and things to simply and safely access the connected world.

Casaba Security

Casaba Security

Casaba are specialists in software security providing managed Software Development Lifecycle services as well as products for security testing.

Aviva

Aviva

Aviva provides Cyber Liability cover for small to mid-market customers to help combat the threat of data and privacy breach.

Nexthink

Nexthink

Using our solution, hundreds of IT departments effectively balance offering a productive and enjoyable end-user experience with making the right decisions to secure and transform the digital workplace

Oak Ridge National Laboratory (ORNL)

Oak Ridge National Laboratory (ORNL)

ORNL conducts basic and applied research and development in key areas of science for energy, advanced materials, supercomputing and national security including cybersecurity.

Unitrends

Unitrends

Unitrends helps IT pros do more with less by providing an all-in-one enterprise backup and continuity solution.

Very Good Security (VGS)

Very Good Security (VGS)

VGS is the modern approach to data security. Our SaaS solution gives you all the benefits of interacting with sensitive and regulated data without the liability of securing it.

Ledger

Ledger

Ledger is a leader in security and infrastructure solutions for cryptocurrencies and blockchain applications using its proprietary technology.

Rocheston

Rocheston

Rocheston is an innovation company with cutting-edge research and development in emerging technologies such as Cybersecurity, Internet of Things, Big Data and automation.

LOGbinder

LOGbinder

LOGbinder eliminates blind spots in security intelligence for endpoints and applications.

Navixia

Navixia

As a leading Swiss IT security specialist, Navixia offers a global and pragmatic approach to information security.

GAVS Technologies

GAVS Technologies

GAVS is a global IT services provider with focus on AI-led Managed Services and Digital Transformation.

National Cybersecurity Consortium (NCC)

National Cybersecurity Consortium (NCC)

The NCC’s mandate is to keep Canada’s cyber and critical infrastructures and citizens safe while ensuring Canada’s global competitiveness and leadership in cybersecurity.

Cyber7

Cyber7

CYBER7 is a National Cyber Security Innovation community initiated by Israel National Cyber Directorate, Ministry of Economy and Israel Innovation Authority led by Tech7 – Venture Studio.

Strac

Strac

Eliminate Personal Data Risks from your business. Our Dataless SaaS removes the need to manage sensitive data across web, mobile apps, servers and communication channels.