Cybersecurity News in Asia

Features
- Featured
  
  Bridging the data science talent gap for national cyber defenses: Urgent action needed
  
  Monday, April 29, 2024, 10:16 AM Asia/Singapore | Features
- Featured
  
  AI adoption in India: A balancing act worth chatting about
  
  Thursday, April 25, 2024, 2:53 PM Asia/Singapore | Features, Newsletter
- Featured
  
  AI vulnerability testing: Knowing the In’s and Out’s of proper red teaming
  
  Monday, April 22, 2024, 4:40 PM Asia/Singapore | Case Study, Features
News
- Featured
  
  The LockBit group may have been busted, but its code lives on
  
  Tuesday, April 30, 2024, 11:34 AM Asia/Singapore | News, Newsletter
- Featured
  
  Were cyberattackers evading detection less efficiently in 2023?
  
  Friday, April 26, 2024, 1:42 PM Asia/Singapore | News, Newsletter
- Featured
  
  How medical devices manufacturer Tuttnauer protects patient and personal-data safety
  
  Tuesday, April 23, 2024, 5:22 PM Asia/Singapore | Case Study, News
Opinions
Tips
Whitepapers
Awards 2024
Directory
E-Learning

How likely will your employees fall for social engineering or phishing scams?

By CybersecAsia editors and webmaster webmaster | Thursday, July 14, 2022, 9:51 AM Asia/Singapore

Those who have undergone frequent, continual cybersecurity awareness testing and training are the most immune, of course…

In a cybersecurity firm’s analysis of a data set of over 9.5m users across 30,173 organizations involving around 23.4m simulated phishing security tests across 19 different industries—to discover how many employees are likely to fall for phishing or a social engineering scam—32.4% of all employees in the data that had not undergone some security training, were likely to click on a suspicious link or comply with a fraudulent request.

In some large category industries, such as Consulting, Energy & Utilities, and Healthcare & Pharmaceuticals, the percentage was over 50%.

The Asia Pacific region (APAC) showed a slightly higher tendency than the global average at 34.5% of untrained employees. Large organizations (those with more than 1,000 employees) with no prior staff security training showed a tendency of 36.7%, four percent higher than the global average in the data set.

When organizations in the data set implemented a combination of training and simulated phishing security testing (comprising monthly or more frequent security training), the tendency decreased to 17.6% after 90 days of completed training. After 12 months of training and simulated phishing security tests, the average PPP dropped to 5%, indicating that new habits had become normalized.

In the APAC region the tendency scores of small and medium sized organisations improved to 21.1% and 19.2% respectively. After one year of training, employees of small organizations showed the greatest gain, with the tendency dropping to 4.4%. For small- and medium- sized organizations, the tendency dropped to 21.1% and 19.2% respectively . After one year of training small organizations showed the greatest gain, with their PPP dropping to 4.4%.

Said Stu Sjouwerman, CEO, KnowBe4, the firm which conducted the analysis: “Given that most data breaches originate from social engineering, we cannot afford to omit the human element. Implementing security awareness training with simulated phishing testing will help to (improve protection of) organizations against cyberattacks and result in a more secure organizational culture.”

Leave a reply Cancel reply

You must be logged in to post a comment.

Voters-draw/RCA-Sponsors

CybersecAsia Voting Placement

Gamification listing or Participate Now

Vote Now -Placement(Google Ads)

Top-Sidebar-banner

Whitepapers

Securing Industry 4.0
The world is advancing to Industry 4.0 in full swing, and this is a key …Download Whitepaper
Secure Access Service Edge (SASE) Solutions for Today’s Work-From-Anywhere (WFA) Environment
Organizations are turning to Secure Access Service Edge (SASE) solutions for securing remote work environments, …Download Whitepaper
Identity Has Breached the Ecosystem
This whitepaper explores the dual nature of identity in cybersecurity, emphasizing its role in both …Download Whitepaper
Fortanix Buyers Guide for Modern Key Management and Data Security
This document underscores the pressing challenges in key management and data securityDownload Whitepaper

Middle-sidebar-banner

Case Studies

How medical devices manufacturer Tuttnauer protects patient and personal-data safety
In running a cloud-based portal to link its smart medical equipment, the firm has also …Read more
AI vulnerability testing: Knowing the In’s and Out’s of proper red teaming
To test the safety/security of a generative AI feature, what unchartered bugs and human testing …Read more
Real estate logistics provider GLP steps up to zero trust architecture
With its physical and digital footprint growing, the global firm’s outdated legacy security stack has …Read more
Identity security woes now a thing of the past for Heng Leong Hang
The retail chain was grappling with numerous cyber risks in its IT infrastructure until it …Read more

Cybersecurity News in Asia

Featured

Bridging the data science talent gap for national cyber defenses: Urgent action needed

Featured

AI adoption in India: A balancing act worth chatting about

Featured

AI vulnerability testing: Knowing the In’s and Out’s of proper red teaming

Featured

The LockBit group may have been busted, but its code lives on

Featured

Were cyberattackers evading detection less efficiently in 2023?

Featured

How medical devices manufacturer Tuttnauer protects patient and personal-data safety

How likely will your employees fall for social engineering or phishing scams?

Those who have undergone frequent, continual cybersecurity awareness testing and training are the most immune, of course…

Related Posts

Leave a reply Cancel reply

Voters-draw/RCA-Sponsors

CybersecAsia Voting Placement

Gamification listing or Participate Now

Vote Now -Placement(Google Ads)

Top-Sidebar-banner

Whitepapers

Middle-sidebar-banner

Case Studies

Bottom sidebar