The managing human risk in phishing whitepaper leverages latest research on how organisations can better manage human risk in relation to phishing.
Despite many organisations now employing technical solutions to help limit the number of phishing emails landing in employees’ inboxes, cybercriminals have been utilising emails to phish their victims for 30 years without notable reductions in breaches.
Attackers continue to find increasingly sophisticated ways of bypassing these solutions with employees left making the decision on whether a communication is malicious or not. Once bypassed cybercriminals employ social engineering strategies to subtly manipulate recipients into responding to emails in the desired manner.
Employees continue to be the ultimate phishing combatant due to current limitations in technology, yet their own constraints are often misunderstood. Organisations are now applying more focus to human-based interventions however more needs to be done in relation to what an employee requires to become competent, motivated and feel socially empowered to keep their organisation secure.
To mitigate human risk in phishing, organisations (and the tools they choose to employ) must offer interventions that work within human cognitive constraints whilst considering all aspects that can influence behaviour.
DOWNLOAD THE WHITEPAPER TO LEARN:
Why current employee phishing interventions are not resulting in significant reductions in breaches and find out six solutions that will help organisations move closer to mitigation.