Cyber criminals continue to refine techniques that target people rather than infrastructure, with attacks that rely more on human interaction and less on automated exploits.
Regardless of the means of attack—email, cloud applications, the web, social media, or other vectors—threat actors repeatedly demonstrated the effectiveness of the social engineering tactics that convinced victims to click malicious links, download unsafe files, install malware, transfer funds and disclose sensitive information at scale. Whether financially motivated or state-sponsored, attackers all had one thing in common: an understanding of and a willingness to take advantage of the human factor.
Based on the analysis of data collected from more than 1 billion messages per day, this report explores the role of human factors on enterprise cyber security strategy.
Important enterprise security questions addressed in this report include:
- The Top 20 phishing lures
- Ten industries most-often targeted by malware campaigns
- People-centered attack metrics that you can benchmark against your organization