How to Measure Whether Your Company Is Ready to Catch Lots of Phish

In 2021, despite companies slipping twice as many phishing decoys into their employees’ email streams than in the prior year, attackers gained entry to a whopping 83 percent of companies, a new Proofpoint report found. This second article in a two-part series describes the latest twists in social engineering techniques, key brand-name lures and how companies can gauge the success of their phish-prevention programs. It includes charts that show training results by industry and department, based on 115 million emails. Part one provided four key suggestions for boosting employee training effectiveness, described a controversy about disciplining slow-to-adjust employees and highlighted an overlooked third-party risk. See “Implementing NSA-CISA-FBI Advisory Mitigation Tactics for Vulnerabilities Exploited by Russia” (Apr. 28, 2021).

To read the full article

Continue reading your article with a CSLR subscription.