Among industries facing potential phishing attacks, the employees of the financial services industry are among the lowest risk to fall prey to this form of digital attack, according to a new report from the security company KnowBe4
At financial services institutions with less than 250 employees, 31 percent were initially considered high-risk to phishing miscreants, while the banking industry as a standalone industry measured at 29 percent and insurance industry employees measured at 36.4 percent. After 90 days of combined computer-based training and simulated phishing security testing, the risk factor for the financial services industry dropped to 12.6 percent while the banking and insurance industries saw a decline to 9.7 percent and 15.5 percent, respectively.
Still, KnowBe4 warned that more work was needed in addressing phishing attacks.
“The results across the nine million users highlights a drastic predicament for organizations that don’t feel the need or choose not to invest in new-school security awareness training which includes phishing security tests,” said the new report. “The phish-prone percentage data shows that no single industry across all-sized organizations is doing a good job at recognizing the cybercriminals phishing and social engineering tactics. When users have not been tested or trained, the initial baseline phishing security tests show how likely users in these industries are to fall victim to a phishing scam and put their companies at risk for potential compromise.”