Некоммерческая
организация поделится реальными примерами фишинговых электронных писем, чтобы
способствовать обучению сотрудников
It’s not uncommon for a cybersecurity vendor to commission a study on a controversial topic to attract attention to its products and services. However, one vendor recently released the findings of its phishing study of more than 82,000 individuals from four organizations. To sum up the findings, too many employees continue to click on malicious links that could compromise their organization’s data and information security. Moreover, the study found that, “Staff employed in IT related roles are no less susceptible to phishing than the rest of the organization.”[1] While some may read this finding and question the efficacy of phishing awareness training, it’s important to remember that not all IT experts are trained on cybersecurity topics; and therefore, many don’t have any more specific phishing awareness than other employees.
Still, the results of the phishing study indicate more work is needed. To raise global awareness of the issue, CRI is launching a weekly #PhishingFriday campaign. This global campaign will bring more attention to the threat of phishing attacks and the damage they can do to individuals and organizations. We will share real-world examples of phishing emails and encourage others to do the same. You can participate in our campaign on Twitter, Facebook, and LinkedIn and share your own examples.
At the Cyber Readiness Institute (CRI), we don’t assume that an IT professional is aware of all key cyber readiness issues (i.e., Phishing, Passwords, Software Updates, Removable Media). Instead, we design our phishing awareness and other free cybersecurity training to be accessible for all employees within an organization. This approach allows an organization with little-to-no in-house cybersecurity expertise to take immediate steps to enhance their cyber readiness while building a culture of cyber awareness across the workforce.
Since 91% of all cyber-attacks start with a phishing email compromise, according to research from security software firm Trend Micro, CRI works with members, partners, and champions to offer practical solutions to the issue in our free guides and resources. While many organizations may have IT staff, they often don’t have a dedicated person responsible for ensuring the organization is cyber ready. That’s why CRI offers tailored training for individuals to become Cyber Leaders within their organization. By designating a Cyber Leader, an organization has a clear knowledgeable point of contact for employees with cyber-related questions or concerns.
Over the coming weeks, join our #PhishingFriday campaign by posting your own examples of phishing messages you’ve received. The more we share, the more people become aware of threat.
[1] F-Secure (2022). To Click or Not To Click. https://www.f-secure.com/content/dam/press/en/media-library/reports/to-click-or-not-to-click.pdf