    Executives are four times more likely to be victims of phishing than workers

    Ivanti on Tuesday reported that despite a stunning 97% of security pros saying that their organization is now “as prepared” or “more prepared” to defend against cybersecurity attacks than they were a year ago, 1 in 5 “wouldn’t bet a chocolate bar” they could prevent a damaging breach.

    The report also found that while roughly half of respondents say they are “very prepared” to meet the growing threat landscape, expected safeguards such as deprovisioning credentials are ignored one-third of the time, and nearly half say they suspect a former employee or contractor still has active access to company systems and files.

    The report also revealed that leaders engage in dangerous behavior and are four times more likely to be victims of phishing compared with office workers. Some other findings:

    • More than 1 in 3 leaders have clicked on a phishing link.
    • Nearly 1 in 4 use easy-to-remember birthdays as part of their password.
    • They are much more likely to hang on to passwords for years.
    • And, they are five times more likely to share their password with people outside the company.

    Cybersecurity professionals are inundated with a constant barrage of cyberattacks, while simultaneously faced with budgetary constraints, limited staffing, and in many cases, minimal training, said Darren Guccione, co-founder and CEO at Keeper Security. Guccione said cybersecurity can feel overwhelming, so it makes sense that this report finds IT professionals make many of the same mistakes as those outside of their industry.

    “To avoid the trap of lazy password practices, it’s critical that both individuals and organizations utilize a password manager to generate strong, unique passwords for every account and store them in an encrypted vault that’s protected with a strong master password and multi-factor authentication,” said Guccione. “In a corporate environment, password managers not only enhance security, but also optimize productivity. IT administrators can easily control user password practices and enforce policies. Meanwhile, help desk personnel aren’t bogged down with password-reset tickets, and employees aren’t stuck in holding patterns due to lost or forgotten credentials.”

    Jesh Sax, technical account manager at Tanium, said despite best efforts at implementing precautions, tools, and trainings, bad actors are just waiting for that one wrong click or compromised password to get reused. Sax said the fast pace of business means that mistakes happen, even with security leaders. More important than who clicked on a phish is knowing that the organization can respond.

    Sax added that the Ivanti research definitely reflects the pressure all security teams are under today. With global unrest, financial volatility, and a public health crisis, Sax said people are bound to try and simplify their lives.

    “With all this pressure, even people who know better end up reusing passwords or not vetting emails before clicking on a link,” said Sax. “This is why having visibility into your estate and being able to respond quickly to an attack is vital in today’s landscape.”

    With thanks to the Cyber Defence Alliance and SC magazine. The full story is here: https://www.scmagazine.com/news/identity-and-access/executives-are-four-times-more-likely-to-be-victims-of-phishing-than-workers

