New research shows that 9 in 10 senior managers believe that phishing attacks are becoming a serious threat to businesses and 89% say phishing attacks are becoming harder to detect due to their sophistication.
With technology playing an important role in remote work, GetApp surveyed 561 respondents in Australia, including 346 employees, 215 senior or executive managers and business owners. The study examines how phishing attacks affect organisations and what SMEs can do to combat these threats.
The research found that 57% of those surveyed have been targeted multiple times at work, with 33% experiencing a 10-20% increase in the last three years.
Of the phishing attacks respondents received at work, 49% of the attacks impersonated a company, and 40% imitated a bank.
Analyst at GetApp Australia, Andrew Blair, said, “Companies that wish to instil robust and proactive security procedures to their operations need to reduce the margin of human error that can result in a data breach.”
According to Blair, coupling employee learning with software solutions can help mitigate security risks, especially phishing.
“Organisations should keep up their guard with continuous learning and up-to-date software solutions to keep up with the evolving phishing attacks that proceed one another,” he said.
Phishing Attacks At Work
While businesses must remain vigilant across all communication channels, 90% of respondents say they have experienced phishing attacks at work via email, compared to SMS (28%), phone calls (20%) and social media (9%).
GetApp’s survey shows that 75% of senior managers recognised a phishing attack after receiving it at work and reported it to the appropriate team, compared to only 61% of employees.
Ignored Phishing Attacks
51% ignored or deleted a phishing attempt after realising it was fraudulent. 74% of senior managers say that their company already uses anti-phishing software. Of these respondents, an overwhelming 97% said the software successfully prevents phishing attacks regularly (72%) or does so occasionally (25%).
Anti-Phishing Software
Of respondents who said their company does not have anti-phishing software (17%) or were unsure if their company did (9%), only 15% said there are no plans to implement it. On the other hand, 69% of those respondents said that their company plans to adopt the software soon.
Employee Phishing Awareness Training
The study shows 81% of senior management say their company has implemented employee phishing awareness training. Of this group, 88% believe the training helped prevent phishing attacks and reported a reduction in successful attacks.
52% of those with phishing training at work believe spending on phishing awareness training will decrease or remain the same. Less than half (47%) expect increased spending in the next two years.
Cyberattack Readiness
The Australian Securities and Investments Commission (ASIC) is advising senior leadership, including board directors and executives, to enhance their readiness for cyberattacks.
ASIC’s enforcement measures may involve legal action against companies that fail to take adequate measures to safeguard their information systems from cyber threats.
This caution comes precisely one year after significant cyberattacks targeted Optus and Medibank in Australia. How are senior managers addressing the challenges of cyber warfare, and what specific areas are they concentrating on to fortify their defences against phishing attacks?
In the most recent Notifiable Data Breaches Report released by the Office of the Australian Information Commissioner (OAIC), phishing constituted 19% of cyber incidents leading to data breaches.
Additionally, the OAIC has issued a warning to Australian companies, emphasising the need for robust and proactive procedures to manage data breaches and secure consumer information.
How Are Businesses Utilising Phishing Awareness Training?
Clare O’Neil, the Australian Minister of Home Affairs and Cyber Security, unleashed a reality check at the AFR Cyber Summit. She straight-up laid it out, saying, “Hey, private sector, get your act together!”
According to O’Neil, these companies need a serious upgrade in their governance game – we’re talking about audits, risk assessments, and the whole shebang.
And that’s not all; she’s calling them out on developing their own policies, training, practices, and building up some cybersecurity education and cultures of their own.
But wait, there’s more. A whopping 81% of senior management claim they’ve thrown in some phishing awareness training for their employees.
And get this, 88% of those folks believe that this training is the superhero cape against phishing attacks, boasting a drop in successful phishing hits. It’s like a success story in the making.
Now, here’s the real deal on how they’re throwing punches at phishing. Sixty percent of these companies are resorting to talks – probably some serious sit-downs where they lay it all out about what phishing attacks are and how to dodge ’em.
Then, you’ve got 58% turning to explanation videos, because apparently, we’re all in this YouTube era of fighting cybercrime. But here’s the kicker – only 39% are using a formalised program for continuous learning. It’s like they’re half-committing to the battle against cyber threats.
So, O’Neil dropped the mic, and now it’s on these companies to step up their game and not just talk the talk but walk the walk in the war against phishing attacks.
Additionally, 52% of those with phishing training in place in their company believe spending will decrease or stay the same, suggesting that companies don’t have continuous learning programs in place.
Just over two-thirds (67%) of senior managers whose company uses anti-phishing software anticipate they will increase spending on it over the next two years.
The pervasive and evolving nature of phishing attacks has undeniably transformed them into a formidable threat to businesses worldwide.
As technology continues to advance, so do the tactics employed by cybercriminals, making it imperative for organisations to adopt a proactive and multi-layered approach to cybersecurity.
The consequences of falling victim to phishing attacks extend beyond financial losses, encompassing damage to reputation, loss of customer trust, and potential legal ramifications.
Collaboration within the industry, information sharing, and staying abreast of the latest phishing trends are vital components of a resilient cybersecurity strategy.
As businesses continue to digitise and leverage technology for competitive advantage, the threat landscape will only become more sophisticated.