Forget Hackers, The Biggest Internet Security Threat Is Closer to Home

Uploaded on 2015-05-01 in TECHNOLOGY--Hackers, NEWS-Cybersecurity News, FREE TO VIEW

source: Verizon

High profile, embarrassing data hacks like the Sony email breach and the Target credit card scandal receive the bulk of the media attention, but there's a bigger threat to Internet security that's much closer to home. 

The 2015 Data Breach Investigation Report conducted by Verizon shows that the biggest threat to your private information may actually be you!

Phishing campaigns, which send malicious emails disguised as legitimate correspondence, have become not only more prevalent but also more effective in tricking Internet users to open them. In past years, the DBIR reported that the overall effectiveness of phishing campaigns was between 10%-20%. However, in this year's report, DBIR notes that the trend has worsened "with 23% of recipients now opening phishing messages and 11% clicking on attachments." 
Unfortunately, the scammers have become far cleverer with their campaigns, according to the report.
Now, these messages are rarely sent in isolation. Many are sent as part of a slow and steady campaign. The numbers again show that a campaign of just 10 emails yields a greater than 90% chance that at least one person will become the criminal's prey.

So how can you protect yourself? The authors of the DBIR take some solace knowing that Internet users do not open or interact with 75% of phishing emails. In the past, Internet users could simply use common sense to stay safe from predatory e-mail scams, but because the phishing campaigns include smarter techniques today, the report suggested three solutions to limit the problem:

  •   Better email filtering before messages arrive in user in-boxes
  •   Developing and executing an engaging and thorough security awareness program
  •   Improved detection and response capabilities

In many cases, however, it's human diligence and not technology that represent the frontline of defense. This can be maximized in a business setting.

"One of the most effective ways you can minimize the phishing threat is through effective awareness and training," said Lance Spitzner from the SANS Institute, a cooperative research and education organization, which focuses on security issues. 

Motley Fool:  http://bit.ly/1GMnj81   Verizon: http://vz.to/1GFmIEE

« Stellar Wind: CIA analysts didn’t use the NSA’s Spy program.
Is the US - Iran Cyber War Over? »

ManageEngine
CyberSecurity Jobsite
Check Point
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Resecurity

Resecurity

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

CERT.GOV.AZ

CERT.GOV.AZ

Azerbaijan Government Computer Incident Response Team

Think Cyber Security (ThinkCyber)

Think Cyber Security (ThinkCyber)

ThinkCyber is a Tel Aviv-based Israeli company with a team of cybersecurity professionals who are experts in both information and operations technology.

Neupart

Neupart

Neupart provides Information Security Management System, Secure ISMS, allowing organisations to automate IT Governance, Risk and Compliance management.

BlueFiles

BlueFiles

BlueFiles enables users to send encrypted files securely while maintaining full control over recipients, access periods, downloads, and printing.

Cyberens

Cyberens

Cyberens provide cybersecurity consulting services in IT sectors relating to defense and space, banking, industrial control systems and IoT.

UPX Technologies

UPX Technologies

UPX Technologies is one of the largest digital security centers in Brazil providing full protection for data, networks and content.

QuillAudits

QuillAudits

QuillAudits offers advanced Ethereum, EOS, TRON smart contract audit, blockchain protocol security and formal verification to ensure your platform’s integrity.

Yellow Brand Protection

Yellow Brand Protection

Yellow Brand Protection operates 24/7 to protect brands' Intellectual Property (IP) from infringements on all kinds of online distribution channels.

Fly Ventures

Fly Ventures

Fly Ventures is a seed-stage venture capital fund for outstanding teams building Enterprise and Deep Tech startups in Europe.

Cybriant

Cybriant

Cybriant Strategic Security Services provide a framework for architecting, constructing, and maintaining a secure business with policy and performance alignment.

Cybersecurity Maturity Model Certification Center of Excellence (CMMC COE)

Cybersecurity Maturity Model Certification Center of Excellence (CMMC COE)

CMMC COE is an IT-AAC sponsored public–private partnership that will be the focal point for entities seeking to achieve Cybersecurity Maturity Model Certification.

Secureframe

Secureframe

Companies from startups to enterprises use Secureframe to automate SOC 2 and ISO 27001 compliance, complete audits, and continuously monitor their security.

FoxTech

FoxTech

FoxTech is an independent, friendly and deeply specialised cyber security company in the UK, with expertise spanning decades of Public Sector and Government services.

Alibaba Cloud

Alibaba Cloud

Alibaba Cloud is committed to safeguarding the cloud security for every business by leveraging a comprehensive suite of enterprise security services and products on the platform.

Quantum Star Technologies

Quantum Star Technologies

Quantum Star Technologies has developed Starpoint to be a next-next-generation solution to cyber security threats. Our mission is to secure the online world through our patented technology.

Next DLP

Next DLP

Next DLP (formerly Jazz Networks) is a leading provider of insider risk and data protection solutions.