Wombat Security Issues 2018 Beyond the Phish Report

May 5, 2018


The queries covered 12 different groups including safeguarding private information, safe use of passwords, identifying phishing electronic mails, working securely outside the office, harmless use of the Internet, safeguarding moveable appliances and information, removing of data securely, evading ransomware attacks, and safe use of social media.

The study of replies to the queries discloses numerous gaps in end users’ perception of dangers. Those knowledge gaps might well result in a breach of confidential information or the installation of malware.

Generally, across all industrial sectors, the largest area of weakness was safeguarding private information, which is a matter with the EU General Data Protection Regulation (GDPR) compliance cutoff date fast approaching. 25% of respondents replied to queries in this category wrongly. Identifying phishing dangers was another area of anxiety, with 24% of workers failing to reply queries properly in this group.

In the safeguarding and disposing of data securely and defending moveable appliances and information groups, 23% of queries were replied wrongly, with a 21% failure rate in harmless use of the Internet and identifying usual safety problems. The group with the most right replies – 89% – was evading ransomware attacks, with building secure passwords also well understood with 88% of queries replied correctly.

It is comforting to notice that the best performing industries were the Government and Technology, with only 20% of queries replied wrongly. Nevertheless, the healthcare industry didn’t fare so fine. This is a grave concern seeing how often healthcare workers are targeted. It is also exciting to note that the healthcare industry is necessitated by law to provide safety consciousness training to workers regularly. In healthcare – along with professional and manufacturing services – 23% of queries were replied wrongly. The worst industrial sector, with 24% of queries replied wrongly, was hospitality.

The worst performance was safeguarding moveable appliances and information, with 35% of queries replied wrongly by workers in the hospitality sector, closely followed by safeguarding private information, which saw 33% of failures by the defense industrial base. There was also a failure to reply 32% of answers properly in the safeguarding and disposing of data securely group by the hospitality industry.

Although the Health Insurance Portability and Accountability Act (HIPAA) requires healthcare companies to securely dispose of confidential information, there was a 28% failure rate in this group in healthcare. Safeguarding moveable appliances and information (27% failure) and safeguarding private information (26% failure) – also protected by HIPAA Laws – are also areas of concern.

The solution is additional training. Carrying out regular safety consciousness training sessions, changing the training methods used, using phishing replication electronic mails, transmitting regular safety-related electronic mails, can all assist to improve safety consciousness of the staff and develop a safety culture in a business.