Tag

Security Awareness Training

Discover resources and strategies for building effective security awareness training programs. Posts cover curriculum design, engagement techniques, compliance requirements, and methods for measuring training impact to reduce human-related security incidents across organizations.

Phishing

Phishing: Why 36% of Breaches Start in Your Inbox

The Inbox Is the Front Door — And It's Wide Open

According to the 2021 Verizon Data Breach Investigations Report, phishing is involved in 36% of all confirmed data breaches. That number jumped 11 percentage points from the year before. Let that sink in — more than a third of

Carl B. Johnson Aug 31, 2021 7 min read
Phish Setlist

Phish Setlist for Security: Building Your Attack Plan

Every Great Attack Starts With a Setlist

In July 2021, a single phishing email gave a threat actor access to credentials at a Florida IT management firm, triggering the Kaseya VSA ransomware attack that cascaded to over 1,500 businesses worldwide. One click. One employee. One email that someone didn't

Carl B. Johnson Aug 31, 2021 7 min read
Phish Tour

Phish Tour: Simulate Real Attacks Before Hackers Do

One Click Cost Colonial Pipeline $4.4 Million

In May 2021, a single compromised credential shut down the largest fuel pipeline in the United States. Colonial Pipeline paid a $4.4 million ransom to a threat actor group called DarkSide. The entry point wasn't some exotic zero-day exploit.

Carl B. Johnson Aug 25, 2021 7 min read
Phishing Definition

Phishing Definition: What It Really Means in 2021

In March 2021, a single phishing email led to a credential theft incident at a European banking authority that exposed personal data from thousands of email accounts. The attack wasn't sophisticated. It didn't exploit some exotic zero-day vulnerability. It started with a convincing email and a

Carl B. Johnson Aug 25, 2021 7 min read
AI Phishing Attacks

FBI Warns Gmail Users: AI-Driven Phishing Attacks Rise

Earlier this year, the FBI's Internet Crime Complaint Center (IC3) reported that phishing schemes were the most reported cybercrime in 2020, with 241,342 complaints and adjusted losses exceeding $54 million. Now the threat is evolving fast. The FBI warns Gmail users of sophisticated AI-driven phishing attacks that

Carl B. Johnson Aug 24, 2021 7 min read
Gmail Phishing Attacks

Gmail Sophisticated Attacks: FBI Phishing Warnings in 2021

In March 2021, Google disclosed that it blocks more than 100 million phishing emails daily — and Gmail remains the single largest target for sophisticated credential theft campaigns worldwide. The FBI's Internet Crime Complaint Center (IC3) reported that phishing was the number one crime type by victim count in

Carl B. Johnson Aug 24, 2021 7 min read
Phishing

Phishing Attacks in 2021: What Actually Works to Stop Them

36% of All Breaches Start With a Phishing Email

The 2021 Verizon Data Breach Investigations Report made something painfully clear: phishing was involved in 36% of all confirmed data breaches — up from 25% the year before. That's not a trend. That's an escalation. And if your

Carl B. Johnson Aug 18, 2021 7 min read
Fake Mail

Fake Mail: How to Spot and Stop Phishing Attacks

91% of Cyberattacks Start With Fake Mail

That's not a guess. The Verizon 2021 Data Breach Investigations Report confirmed that phishing was present in 36% of breaches — up from 25% the year before. And when you broaden the lens to include all forms of social engineering delivered through

Carl B. Johnson Aug 18, 2021 7 min read
Vishing

FBI Warning on Vishing and Smishing: What to Do Now

In January 2020, the FBI and CISA issued a joint advisory warning organizations about a wave of vishing attacks targeting remote workers. By mid-2021, the problem has only gotten worse. The FBI's Internet Crime Complaint Center (IC3) reported over 240,000 phishing, vishing, and smishing complaints in 2020

Carl B. Johnson Aug 18, 2021 7 min read
Phishing Scams

What Is a Phishing Scam? Anatomy of the #1 Cyber Threat

In July 2021, a single phishing email gave attackers access to an employee's credentials at a Florida-based managed service provider, ultimately cascading into the massive Kaseya VSA supply-chain ransomware attack that hit over 1,500 businesses worldwide. One email. One click. Billions in damages. If you've

Carl B. Johnson Aug 18, 2021 7 min read