One Article Review
| Source |  ProofPoint |
|---|---|
| Identifiant | 8455788 |
| Date de publication | 2024-02-27 05:00:31 (vue: 2024-02-27 10:07:40) |
| Titre | Risque et ils le savent: 96% des utilisateurs de prise de risque sont conscients des dangers mais le font quand même, 2024 State of the Phish révèle Risky and They Know It: 96% of Risk-Taking Users Aware of the Dangers but Do It Anyway, 2024 State of the Phish Reveals |
| Texte | We often-and justifiably-associate cyberattacks with technical exploits and ingenious hacks. But the truth is that many breaches occur due to the vulnerabilities of human behavior. That\'s why Proofpoint has gathered new data and expanded the scope of our 2024 State of the Phish report. Traditionally, our annual report covers the threat landscape and the impact of security education. But this time, we\'ve added data on risky user behavior and their attitudes about security. We believe that combining this information will help you to: Advance your cybersecurity strategy Implement a behavior change program Motivate your users to prioritize security This year\'s report compiles data derived from Proofpoint products and research, as well as from additional sources that include: A commissioned survey of 7,500 working adults and 1,050 IT professionals across 15 countries 183 million simulated phishing attacks sent by Proofpoint customers More than 24 million suspicious emails reported by our customers\' end users To get full access to our global findings, you can download your copy of the 2024 State of the Phish report now. Also, be sure to register now for our 2024 State of the Phish webinar on March 5, 2024. Our experts will provide more insights into the key findings and answer your questions in a live session. Meanwhile, let\'s take a sneak peek at some of the data in our new reports. Global findings Here\'s a closer look at a few of the key findings in our tenth annual State of the Phish report. Survey of working adults In our survey of working adults, about 71%, said they engaged in actions that they knew were risky. Worse, 96% were aware of the potential dangers. About 58% of these users acted in ways that exposed them to common social engineering tactics. The motivations behind these risky actions varied. Many users cited convenience, the desire to save time, and a sense of urgency as their main reasons. This suggests that while users are aware of the risks, they choose convenience. The survey also revealed that nearly all participants (94%) said they\'d pay more attention to security if controls were simplified and more user-friendly. This sentiment reveals a clear demand for security tools that are not only effective but that don\'t get in users\' way. Survey of IT and information security professionals The good news is that last year phishing attacks were down. In 2023, 71% of organizations experienced at least one successful phishing attack compared to 84% in 2022. The bad news is that the consequences of successful attacks were more severe. There was a 144% increase in reports of financial penalties. And there was a 50% increase in reports of damage to their reputation. Another major challenge was ransomware. The survey revealed that 69% of organizations were infected by ransomware (vs. 64% in 2022). However, the rate of ransom payments declined to 54% (vs. 64% in 2022). To address these issues, 46% of surveyed security pros are increasing user training to help change risky behaviors. This is their top strategy for improving cybersecurity. Threat landscape and security awareness data Business email compromise (BEC) is on the rise. And it is now spreading among non-English-speaking countries. On average, Proofpoint detected and blocked 66 million BEC attacks per month. Other threats are also increasing. Proofpoint observed over 1 million multifactor authentication (MFA) bypass attacks using EvilProxy per month. What\'s concerning is that 89% of surveyed security pros think MFA is a “silver bullet” that can protect them against account takeover. When it comes to telephone-oriented attack delivery (TOAD), Proofpoint saw 10 million incidents per month, on average. The peak was in August 2023, which saw 13 million incidents. When looking at industry failure rates for simulated phishing campaigns, the finance industry saw the most improvement. Last year the failure rate was only 9% (vs. 16% in 2022). “Resil |
| Envoyé | Oui |
| Condensat | 050 144 183 2021 2022 2023 2024 2024 state 500 about access account across acted action actionable actions added additional address adults adults advance advice after against all also america among annual another answer any anyway arab are array asia asked associate attack attacks attacks sent attention attitudes august australia authentication average aware awareness bad bec behavior behaviors behind believe benchmark better between blocked brazil brazilian brazil breaches building bullet” business businesses but bypass campaigns campaigns can canadian centric challenge challenges change choose cited clear closer combining comes commissioned common compared compares compiles complex compromise concerning consecutive consequence consequences constant: controls convenience copy countries countries country covers covers: credential culture customers customers cyberattacks cybersecurity damage dangers data data day declined delivery demand departments depth derived desire detected direct discrepancy don down download dramatically dropped due east education effective effectiveness elevating email emails embracing emea emirates end engaged engineering english europe ever evilproxy evolving expanded experienced experts exploits exposed exposure factor factor” failure featured fell fewer finance financial findings findings following friendly from full gathered generative germany get global globally global 2024 good gotten grappled hacks had has help here higher highest highlighting how however human impact impacting implement improvement improving incidents include: increase increased increasing industries industry infected infection information infosec ingenious insight insights insights intellectual involving issues it: japan justifiably key knew know korean landscape last latest least let like likely live look looking loss main major many march meanwhile meet metric metrics mfa mfa phishing middle million month more most motivate motivated motivations much multifactor nearly new news non north not notably note noting now number objective observations observed occur offering often one only organizations oriented other out over overall pacific paid participants past pay paying payments peak peek penalties per perception personal phish phishing phish report points potential prioritize products professionals professionals program proofpoint property proportion pros protect provide provides questions range ransom ransoms ransomware rate rates reasons regain region regional relentless remains report reported reporting reports report reputation research resilience results revealed reveals rise risk risks risks risky said save saw scope second security security sense sentiment session severe shifted simplified simulated simulated phishing simulation slightly sneak social solution some sources south speaking spreading stands state steadily strategy strategy successful such suggests summaries sure survey surveyed suspicious sweden tactics take takeover taking teams technical technologies telephone tenth than that theft them these they the 2024 thing think those threat threats three throughout time to: toad toad took tools top to register traditionally training trends trends truth type ultimate united urgency urgent user users users using varied versus vulnerabilities way ways webinar well what when which who why will working worldwide worse worth year years your zero “resilience “silver |
| Tags | Ransomware Tool Vulnerability Threat Studies Technical |
| Stories | |
| Notes | ★★★★ |
| Move | 
|
L'article ne semble pas avoir été repris aprés sa publication.
L'article ne semble pas avoir été repris sur un précédent.