The report found that 45 percent of European countries are not prepared for a phishing attack, despite 78 percent of IT professionals having dealt with a security incident originating from a deceptive email. This was significantly lower than the 66 percent in the US that had dealt with a similar incident.
Across all the European countries surveyed, security teams reported that they are struggling to manage their response to the number of suspicious emails being received. The US and Europe differ, however, in their appetite for automated email analysis to solve this problem. 59 percent of respondents in Europe had automated email analysis on their wish list, compared to only 33 percent in the US. Arguably, this could point to the skills gap much discussed across Europe1. With organisations of all sizes struggling to find IT talent and particularly cyber security skills, perhaps the need for an automated and integrated system to deal with suspicious emails is being felt more acutely in Europe.
Other key findings in the report include:
- The number one security concern is phishing and email-related threats.
- 41 percent of respondents say their biggest anti-phishing challenge is poorly integrated security systems.
- 6 in 10 companies believe they have insufficient defences against email-based threats.
- The UK reports the most suspicious emails each week across Europe with 23 percent reporting more than 500, Belgium reports the least at 16 percent followed by Germany at 18 percent, France at 20 percent and the Netherlands at 22 percent.
With phishing and email-related threats being the primary security concern of the European-based survey respondents, it is critical that businesses have an effective strategy to counter the attack vector which is fully integrated with broader security solutions. It is paramount, for example, that phishing simulations are akin to the real thing and encourage reporting which, in turn, can not only stop a malicious email compromising an enterprise's network, but can give the incident response team a head start.
"The analysis of email-based attacks gives us extremely valuable insight into the security posture of European organisations," said Rohyt Belani, co-founder and CEO of Cofense. "What we're really looking at here is addressing human susceptibility and building human resiliency to work in concert with technology to combat security threats facing Europe. Technology solutions alone have proved time and time again that they can only go so far to protect enterprises. It is not enough to lock down systems and force users into acting a certain way, instead we need to build a human-driven phishing defence posture that leverages human instinct for detection and technology to scale response," he concluded.
The full report is available for download here: https://cofense.com/phishing-response-trends-europe/
To learn more about Cofense's incident response solutions, please visit: https://cofense.com/product-services/triage/
This study was commissioned by Cofense and delivered by Gatepoint Research, an independent market research organisation. Gatepoint Research surveyed 400 select IT professionals, largely senior decision-makers, on phishing response strategies across five European countries; the United Kingdom, France, Germany, the Netherlands and Belgium. They represented firms in a wide variety of industries, including but not limited to, business services, high tech, primary manufacturing, healthcare, financial services, retail trade, wholesale trade, transportation, consumer services, and telecom services. Businesses of all sizes from small or mid-market firms to Fortune 1000 companies were included in the sample.
Cofense, formerly known as PhishMe®, is the leading provider of human-driven phishing defence solutions world-wide. Cofense delivers a collaborative approach to cybersecurity by enabling organisation-wide engagement to active email threats. Our collective defence suite combines timely attack intelligence sourced from employees with best-in class incident response technologies to stop attacks in progress faster and stay ahead of breaches. Cofense customers represent Global 1000 organisations in defence, energy, financial services, healthcare and manufacturing sectors that understand how changing user behaviour will improve security, aid incident response and reduce the risk of compromise. To learn more, visit https://cofense.com.
Global Corporate Communications