To Reduce Vulnerability, Focus on Managing Risk, Not Eliminating It
When you couple the human factor with the sheer volume of attacks and the single-minded focus of cybercriminals, it is clear that cybersecurity risks are not going anywhere. In the end, though, the volume of phishing emails and sites detected aren’t nearly as important as the quality of the attacks and the impact to individuals and to businesses.
Cybercrime has clearly proven its value to attackers. For the first time, the latest Crime Survey for England and Wales (CSEW) tracked statistics about cybercrime for the full year of its survey period. Out of the 11.8 million identified incidents of crime — which included those affecting both individuals and businesses — 5.6 million were attributed to fraud and computer misuse, which nearly matched all other incidents combined.
If end-user risk management is not part of your cybersecurity plan…what are you waiting for? In specific, a security awareness and training program can offer a cost-effective, result-driven way to quickly impact end-user risk and generate improvements over time.
Choose Your Awareness and Training Tools (and Partners) Carefully
Our security awareness training methodology is about continuity, raising awareness over time, and using cybersecurity education tools to teach your employees how to apply best practices that will improve the security of personal and organizational data and systems. While our customers have seen measurable results — some very impressive — we would never tell you that anti-phishing training is your gateway to a 0% click rate. Frankly, claims of those types of results just don’t pass the sniff test. Because humans are in the equation and all humans are fallible, 0% vulnerability is an unrealistic — and unattainable — goal.
What is realistic is risk reduction. A cybersecurity strategy that includes technical safeguards and employee security awareness and training will you the best opportunity to lower attack success rates and minimize the impact that cybercrime can have on your organization.
Subscribe to the Proofpoint Blog