Enhance your Firm’s Cybersecurity Posture with Simulated Phishing Tests

Feb 16, 2021

Since the beginning of the Covid-19 pandemic almost a year ago, the US FBI has reported a 300% increase in cybercrimes.

Now, more than ever, it's important for your firm to be prepared for cyber-attacks by enhancing your cybersecurity posture. Spear-phishing attempts are one of the most common cyber-attacks firms and employees have to defend against. Phishing occurs when an attacker attempts to steal data by tricking someone into opening an email, text message, or other form of communication that contains malicious links or attachments.

What is spear-phishing?

Spear-phishing, a more in-depth form of phishing, targets a specific person or firm. An attacker may pose as a person you know from your organization, send you a link in an attempt to trick you into providing sensitive information, or get you to download what appears to be a document, but is actually a virus or malware.

Phishing attacks account for more than 80% of reported cybersecurity incidents and $17,000 is lost to these attacks every minute.

How can you protect your firm against phishing attacks?

When it comes to cybersecurity, your employees are your firm’s first line of defense. This is why we provide our clients with a comprehensive, annual cybersecurity education program as part of our multi-layered defense-in-depth strategy. In addition to this training, we encourage our clients to take advantage of our simulated employee phishing test campaigns.

How do simulated phishing tests work?

At Abacus, we utilize KnowBe4, a leader in security awareness and training solutions, to conduct our tests which help a firm’s employees identify and prevent phishing attacks. The phishing tests leverage multiple email templates sent at random times throughout a two-week period. Sent randomly to a firm’s employees, they include a fully-automated phishing attack that utilizes commonly used tactics and educational landing pages.

How often should your firm conduct simulated phishing tests?

At the bare minimum, we encourage our clients to have all of their employees participate in at least one annual simulated phishing test campaign. In response to increased cyber-attacks since the start of the COVID-19 pandemic, we’re now providing an option for our clients to participate in quarterly testing.

How do I view phishing test results for my firm?

Phishing test reports are one of the many documents and reporting capabilities we provide clients via our abacusPortal to assist with due diligence questionnaires from investors and stakeholders. Each employee’s behavior with regard to how they respond to simulated phishing tests is captured by the KnowBe4 system and the results guide subsequent cybersecurity training. We provide our clients with real-time visibility of their employees’ test results within their portal while a phishing test campaign is ongoing. And, we also provide a comprehensive report at the conclusion of each campaign.

At a time when cyber-attacks, particularly spear-phishing attempts, are so common, it's crucial that you do everything you can to prevent an incursion. By adding simulated phishing tests to your toolkit, you can enhance your firm's cybersecurity posture and keep your employees and data safe.

You May Also Like

These Stories on Blog

Background image with financial charts and graphs on media backdrop

Learn more about how your investment firm can benefit from our flexible, scalable & secure IT services.

Contact Us