#1 Recommendation - Department of Health and Human Services (HHS)

The HHS #1 Mitigation Practice is E-Mail Protection Systems – Phishing Simulation. Phishing attacks via email (a type of hacking attack) are the most common first point of unauthorized entry into an organization. Hackers target the weakest link, humans; social engineering accounts for 98% of ransomware attacks.

Phishing attacks are becoming more complex, and cybercriminals regularly change tactics. Spear phishing, meaning phishing attempts focused on specific individuals, accounts for 91% of successful data breaches. Businesses therefore need to educate their staff members continually, so that training is not forgotten and employees stay up to date with new threats.

Phishing email simulations are also effective in reinforcing training, gauging the effectiveness of training sessions, and spotting weak points.

Phishing Campaign – Do not feed the Phish

  • Baseline Testing - Assess the Phish-prone percentage of your users through a simulated phishing attack
  • Train Your Users - The world's largest library of security awareness training content includes interactive modules, videos, games, posters and newsletters. Training campaigns are automated, with scheduled reminder emails
  • Phish Users - Best-in-class, fully automated simulated phishing attacks, hundreds of templates with unlimited usage, and community phishing templates
  • See the Results - Enterprise-strength reporting, showing stats and graphs for both training and phishing, ready for management

Employees Stop Taking the “Bait”

Analyzing 6 million users over the course of 12 months uncovered surprising results. The overall industry initial Phish-prone percentage benchmark is a troubling 27%.

Fortunately, our new-school Security Awareness Training reduced the 27% by more than half in only 90 days. The 365-day results show that by following these best practices, the final Phish-prone percentage can be reduced to a mere 2.17% on average.