Skip to content

At The Identity Organisation, we're here to help!

    Your privacy is important to us, and we want to communicate with you in a way which has your consent and which is in line with UK Law on data protection. As a result of a change in UK law on 25th May 2018, by providing us with your personal details you consent to us processing your data in line with current GDPR requirements.

    Here is where you can review our Privacy & GDPR Statement

    To remove consent at any time, please e-mail info@tidorg.com with the word "unsubscribe" as the subject.

    +44 (0) 1628 308038 info@tidorg.com

    Nearly One-Half of IT Pros are Told to Keep Quiet About Security Breaches

    At a time when cyber attacks are achieving success in varying degrees and IT pros are keeping quiet about resulting breaches, there is one specific type of attack that has them most worried.

    Despite us all working in IT at a time where the sharing of threat data is at its highest, there is still the notion that organizations don’t want the public finding out about data breaches for fear of the repercussions to the company’s revenue and reputation.

    According to BitDefender’s 2023 Cybersecurity Assessment, it appears that 42% of IT and cybersecurity leaders have been told to keep a breach confidential — when it should have been reported. Given that 52% of organizations have experienced a data breach or leak in the last 12 months, this means a material number of attacks have gone unreported – a bit of critical information that can help shed light on threat tactics, response plan efficacy and more.

    Roger Grimes, our own resident data-driven defense evangelist had this to say about the lack of reporting breaches:

    “In my career, EVERY organization ever hacked asked EVERY employee to not tell anyone about the attack, every time. You can get in trouble for talking about it. It’s up to senior management and legal to decide who to tell when and most don’t want to tell anyone ever. That’s why legally required disclosure is important. It forces some organizations to tell some people sometimes instead of always hiding it.”

    When asked about the most pressing cyber attack techniques used, 52% of organizations are most concerned about phishing attacks, with 72% of them believing phishing attacks are increasing in sophistication.

    We need more sharing of attack details, not less. But in lieu of actionable information that other organizations can make use of to better protect themselves, the focus on protecting against phishing attacks is an impactful start – something that includes educating users on the methods, campaigns and techniques used in these attacks through Security Awareness Training.


    Request A Demo: Security Awareness Training

    New-school Security Awareness Training is critical to enabling you and your IT staff to connect with users and help them make the right security decisions all of the time. This isn’t a one and done deal, continuous training and simulated phishing are both needed to mobilize users as your last line of defense. Request your one-on-one demo of KnowBe4’s security awareness training and simulated phishing platform and see how easy it can be!

    PS: Don’t like to click on redirected buttons? Cut & Paste this link in your browser: https://info.knowbe4.com/one-on-one-demo-partners?partnerid=001a000001lWEoJAAW

    Sign Up to the TIO Intel Alerts!

    Back To Top