Reports of phishing incidents accounted for almost half (45%) of all reported security incidents in the UK during 2019.
Since the General Data Protection Regulation (GDPR) came into action, reports of data breaches and cyber security incidents have continued to increase exponentially.
A recent CybSafe report analysed the quantity and nature of cyber security reports made during 2017-2019.
Data breach reports to the Information Commissioner’s Office (ICO) rose from 1,854 in 2018 to 2,376 in 2019, a 28% increase. Reporting data breaches is mandatory in all cases where there has been “a breach of security leading to the accidental or unlawful destruction, loss, alteration, unauthorised disclosure of, or access to, personal data.”
“With GDPR causing a massive surge in reporting during 2018, we might have expected that reports to the ICO would taper off in 2019 – but this wasn’t the case.”
Oz Alashe – CEO, CybSafe
The most notable figure, however, was with regard to phishing attacks.
In 2019, a record breaking 1,080 successful phishing attacks were reported to the ICO, accounting for 45% of all cyber security reports to the organisation during the year.
“In terms of human error data breaches, it was a particularly significant year. […] Many companies won’t be doing anything at all to tackle these types of cyber risks, and those that are doing something, often won’t be using cost-effective, impactful, and measurable solutions.”
What this demonstrates is a clear necessity for further cyber security education within organisations. Security Awareness Training coupled with routine simulated phishing is still the most cost-effective method to reduce an organisation’s cyber threat surface.
With as many as 50% of SMB execs lacking confidence in their users’ ability to spot phishing emails, it is apparent that user knowledge requires a significant boost.
To aid the first step towards a security-first culture, we at Phishing Tackle decided to take the guess-work out of understanding your organisation’s currently level of cyber awareness. We created a free tool which reveals how many of your users are susceptible to phishing attacks. Check it out here: Free Click-Prone® Test
Make 2020 the year that your organisation DIDN’T have to report to the ICO.