Since the beginning of the Covid-19 pandemic almost a year ago, the US FBI has reported a 300% increase in cybercrimes.
Now, more than ever, it's important for your firm to be prepared for cyber-attacks by enhancing your cybersecurity posture. Spear-phishing attempts are one of the most common cyber-attacks firms and employees have to defend against. Phishing occurs when an attacker attempts to steal data by tricking someone into opening an email, text message, or other form of communication that contains malicious links or attachments.
Spear-phishing, a more in-depth form of phishing, targets a specific person or firm. An attacker may pose as a person you know from your organization, send you a link in an attempt to trick you into providing sensitive information, or get you to download what appears to be a document, but is actually a virus or malware.
Phishing attacks account for more than 80% of reported cybersecurity incidents and $17,000 is lost to these attacks every minute.
When it comes to cybersecurity, your employees are your firm’s first line of defense. This is why we provide our clients with a comprehensive, annual cybersecurity education program as part of our multi-layered defense-in-depth strategy. In addition to this training, we encourage our clients to take advantage of our simulated employee phishing test campaigns.
At Abacus, we utilize KnowBe4, a leader in security awareness and training solutions, to conduct our tests which help a firm’s employees identify and prevent phishing attacks. The phishing tests leverage multiple email templates sent at random times throughout a two-week period. Sent randomly to a firm’s employees, they include a fully-automated phishing attack that utilizes commonly used tactics and educational landing pages.
At the bare minimum, we encourage our clients to have all of their employees participate in at least one annual simulated phishing test campaign. In response to increased cyber-attacks since the start of the COVID-19 pandemic, we’re now providing an option for our clients to participate in quarterly testing.
Phishing test reports are one of the many documents and reporting capabilities we provide clients via our abacusPortal to assist with due diligence questionnaires from investors and stakeholders. Each employee’s behavior with regard to how they respond to simulated phishing tests is captured by the KnowBe4 system and the results guide subsequent cybersecurity training. We provide our clients with real-time visibility of their employees’ test results within their portal while a phishing test campaign is ongoing. And, we also provide a comprehensive report at the conclusion of each campaign.
At a time when cyber-attacks, particularly spear-phishing attempts, are so common, it's crucial that you do everything you can to prevent an incursion. By adding simulated phishing tests to your toolkit, you can enhance your firm's cybersecurity posture and keep your employees and data safe.
These Stories on Blog