JOHANNESBURG – January 15, 2018 – The recent release by PhishMe®, the leading provider of human phishing defence solutions, of its South Africa Phishing Response Trends Report shows some startling findings in terms of security incidents stemming from deceptive e-mails. According to the report, some 90 percent of respondents have dealt with security incidents originating from deceptive e-mails, and yet more than half of the respondents do not possess the right tools and processes to effectively mitigate such threats.
PhishMe’s South Africa Phishing Response Trends Report looked at the phishing response strategies of IT security decision-makers across a variety of industries in the South African region. The report highlights that despite technology investments, local organisations are being flooded with suspicious e-mails targeting employees, noting that 80 percent of respondents had confirmed using anti-malware solutions, with 70 percent of respondents using computer based training to protect against phishing attacks. Nonetheless, with scattered technology, processes and limited resources, the majority of respondents still feel ill prepared to adequately respond to such threats.
Additionally, according to the Ponemon Institute, South African organisations are more exposed to data breach incidents than their counterparts across the globe, having scored the highest probability of experiencing a data breach in the next 24 months. In line with phishing response trends emerging from the US and the UK markets, South African businesses claimed to be more unprepared to combat phishing attacks despite having dealt with more e-mail-related incidents. The report notes that in 2016, cybercriminals launched a digital offensive in South Africa, with attacks employing phishing and spear phishing tactics. According to Trend Micro, more than 6,000 local PCs were infected with banking malware.
Key findings from the survey include:
- 90 percent have dealt with security incidents originating with a deceptive e-mail.
- More than 60 percent have faced an e-mail threat more than once.
- Nearly 20 percent of respondents see more than 500 suspicious e-mails weekly.
- Nearly all respondents already have one security layer in place, with many respondents having more than four security layers in place.
- E-mail-related threats are South Africa’s biggest security concern.
- Over 50 percent of respondents highlighted that technology alone isn’t the answer to phishing.
- 95 percent of surveyed IT professionals plan to upgrade their phishing response and prevention.
“With the average cost of a data breach surpassing the two and a half million US dollar mark, it has become mandatory for South African organisations to rethink the way e-mail-based threats are handled internally,” said Rohyt Belani, CEO and co-founder at PhishMe. “As we have seen in other parts of the world, relying on technology alone is insufficient to defend against today’s top threats, calling for a different approach based on automated phishing incident response powered by human intelligence.”
Anton Jacobsz, managing director at value-added distributor Networks Unlimited, which distributes PhishMe solutions throughout Africa, concludes, “The best form of defence against phishing is the education of your employees as the final protection layer in a holistic defence strategy, acknowledging that technology exists for, and is used by, people, who must therefore be included in the defence chain. This strategy underscores the need today for a completely holistic approach to cybersecurity, which works across a number of different platforms and does not rely only on IT support and technology applications.”
The full report is available for download here: https://cofense.com/phishing-response-trends-south-africa/
To learn more about PhishMe’s phishing incident solutions, please visit: cofense.staging.wpengine.com
This study was commissioned by PhishMe and delivered by Censuswide, an international market survey consultant. Censuswide surveyed one hundred select IT professionals, largely senior decision-makers, on phishing response strategies. The sample represented firms belonging to a variety of industries including business services, high tech, manufacturing, healthcare, financial, retail and wholesale trades, transportation, consumer services and telecommunications. All participants joined voluntarily and no telemarketing techniques were implemented.
PhishMe is the leading provider of human-focused phishing defence solutions for organisations concerned about their susceptibility to today’s top attack vector — spear phishing. PhishMe’s intelligence-driven platform turns employees into an active line of defence by enabling them to identify, report, and mitigate spear phishing, malware, and drive-by threats. Our open approach ensures that PhishMe integrates easily into the security technology stack, demonstrating measurable results to help inform an organisation’s security decision making process. PhishMe’s customers include the defence industrial base, energy, financial services, healthcare, and manufacturing industries, as well as other Global 1000 entities that understand how changing user security behaviour will improve security, aid incident response, and reduce the risk of compromise.
Media Contact for PhishMe
Global Corporate Communications, PhishMe
About Networks Unlimited
Networks Unlimited is a value-added distributor, offering the best and latest solutions within the converged technology, data centre, networking, and security landscapes. The company distributes best-of-breed products, including Arbor Networks, Attivo Networks, Fortinet, F5, HyperGrid, Mellanox, NETSCOUT, ProLabs, PhishMe, Rackmount, RSA, Rubrik, SevOne, Silver Peak, Thales, Tintri and Uplogix. The product portfolio provides solutions from the edge to the data centre, and addresses key areas such as cloud networking and integration, WAN optimisation, application performance management, application delivery networking, Wi-Fi-, mobile- and networking security, load balancing, data centre in-a-box, and storage for virtual machines.
Since its formation in 1994, Networks Unlimited has continually adapted to today’s progressively competitive and evolving marketplace, and has reaped the benefits by being a leading value-added distributor (VAD) within the Sub-Saharan Africa market.
Networks Unlimited complies with the South African Broad-Based Black Economic Empowerment (B-BBEE) guidelines as a Level 4 Contributor.
Contacts for Networks Unlimited
Source: Ponemon Institute’s 2017 Cost of Data Breach Study: Global Overview (https://www-01.ibm.com/common/ssi/cgi-bin/ssialias?htmlfid=SEL03130WWEN)