Are Cybercriminals After You?
Cybercriminals target many industries and achieve success in most areas. How do you know if your organization is vulnerable?
Are the Bad Guys After You?
Paranoia leads individuals to believe that everyone is against them, that the FBI are chasing them, or some other menace stalks their every move. So, how about your industry? Are cybercriminals after you?
Lists of the most targeted industries tend to vary depending on the study. But the common denominators tend to be healthcare & pharmaceuticals, government, education, manufacturing, construction, business services and IT.
Results also vary depending on the size of the organization. According to a study by KnowBe4, the most phishing-prone verticals in firms with less than 250 employees are healthcare & pharmaceutical organizations then education and manufacturing. This represents a change from the previous year when construction was by far the most attacked area of small business.
Targeted by Cybercriminals
This could perhaps be a natural occurrence of success. Cybercriminals find a niche such as construction to be poorly protected. They devise attacks, achieve some success, word gets around and the entire cybercrime world goes all out attacking these easy pickings. But a series of successful hacks against construction makes that field realize it needs to invest in IT security. Phishing results diminish, and the bad guys move onto to richer pastures.
But another reason could be moving up the food chain. The survey showed that among mid-sized organizations (250 to 1000 employees), construction holds the top spot. Perhaps the bad guys used smaller fry to learn the ropes and are now plying their skills with bigger fish. Other phish-prone verticals in the mid-sized category are healthcare & pharmaceuticals and business services.
Things change when you get into large organizations of 1,000 or more employees. In this sector, IT companies are top followed by hospitality and manufacturing. It is quite shocking that the IT sector should be such an easy target for phishing. That might explain why there are so many data breaches of late.
Who came out best in terms of being the least phish-prone? Surprise, surprise – it’s large government organizations. As government size dwindles, phishing success rates increase. That said, the scores in government were not that good. They were just better than the others.
Cyberattackers Never Stop
These results clearly demonstrate that the bad guys are indeed after you. They are targeting a great many industries and achieve success in most areas. They can always find some gullible users who can be tricked into clicking when they should be thinking. They want you to open a malicious attachment, click on an infected link, or be hoodwinked into thinking a phishing email really is from someone desperate to give you money.
Smart companies educate users so they form a human firewall, are alert for the latest phishing scam, and tell their peers about a new variant of malicious traffic. Smart companies also deploy vulnerability scanners so they find out about new attack vectors and exploits before they can cause much damage. And they ensure that they always deploy critical patches in a timely manner.
How Syxsense Can Help
Syxsense provides that first line of defense against cyberattack by automating the patching of all systems. Systems are continually breached due to well-publicized patches not having been deployed across the network.