Intelligent CISO Issue 08 | Page 33

 PREDI C TI VE I NTEL L I GE NC E FYI, there’s a faster way to stop active phishing threats Phishing remains a primary concern for businesses and organisations, but there are solutions available to ensure CISOs are always one step ahead of attackers. Kamel Tamimi, Principal Security Consultant at Cofense, tells us more. L et’s talk problems. Everybody knows that phishing is a huge problem. Targeting unsuspecting humans, it’s the vector behind data breaches and theft on a massive scale. A couple of stats bear this out: email now delivers 92% of malware according to the Verizon, Data Breaches Investigations Report, 2018, while the average user receives 16 malicious emails per month according to Symantec’s Internet Security Threat Report, 2018. Organisations working on a phishing awareness problem are chasing ghosts (or simply not paying attention to the data.) Proactive companies left awareness years ago and focus on harnessing human intuition. In phishing www.intelligentciso.com | Issue 08 simulations based on real active threats, trained users perform well – in fact more report the threats instead of falling for them, often by margins of 2-to-1 or even 3-to-1. That’s according to the Cofense, State of Phishing Defense 2018. The chart you see above is based on data in the META region. You’ll see the energy industry has over 16 reporters for each susceptible user (resiliency rate). That’s not just very good, it is the best. It proves what is possible. It’s ironic that financial 33