CEOs in need of cyber skills to deal with phishing
Executive boards are in need of improved cyber training, with half of all chief security officers hit by phishing attacks, says the results of a new survey by security company AlienVault.
The report revealed that 82% of cyber security professionals are concerned that executives in their company are susceptible to phishing emails.
In spite of such worries, just 45% offer training in cyber security to their staff, including executives, while 20% fail to conduct training, instead dealing with the consequences of cyber attacks as and when they happen.
AlienVault security advocate Javvad Malik said that the phishing threat is more widespread than it first appeared, bearing in mind the numerous tools available to prevent users from falling foul of phishing emails.
“The challenge that lies here is two-fold. Firstly, most phishing scams that target execs are well-crafted and researched. Similar-looking domains are registered, and execs are carefully researched. Secondly, many execs have personal assistants who manage their day-to-day operations and who are often more susceptible to social engineering techniques.”
He added that this goes to show how important it is within a company to train every user, as attackers attempt to hit the most vulnerable spots, and they are not necessarily internal staff. Further, CEO fraud targets customers and partners, so all parties need to be more aware of how phishing works and how not to fall prey to it.
SMEs could better stay on top of phishing emails by looking at their IT security recruitment strategy. Executives certainly should improve their knowledge, but in-house specialist knowledge is crucial in today’s business too.