Infosec Cloud

Security Awareness Training – The Numbers

Blog post   •   Dec 10, 2015 12:37 GMT

If you need to convince the C-Suite that your organisation needs IT user Security Awareness Training, here’s 12 handy stats that will help you build a case for approval:

1

Yes it only takes one click by a vulnerable IT user to compromise your network.

50%

Over half of Internet users receive at least one phishing email per day.
[Source: Phishing.org]

74%

of internet users would download a potentially malicious file, because they lack the ‘cyber-savviness’ they need to spot dangers online.
[Source: http://www.infosecurity-magazine.com/news/most-online-users-cant-spot-dodgy/]

60 seconds

RSA identifies a phishing attack every minute.
[Source: http://www.emc.com/emc-plus/rsa-thought-leadership/online-fraud/index.htm]

97%

of people around the globe cannot identify a phishing email
[Source: http://securityaffairs.co/wordpress/36922/cyber-crime/study-phishing-emails-response.html]

1 in 25

On average, users click on one in every 25 malicious messages, with click rates doubling year-on-year for middle managers.
[Source: http://www.scmagazineuk.com/phishy-cyber-criminals-go-corporate-with-social-engineering/article/410666/]

£1.07m

is the average cost of lost business following a data breach, an increase from £0.95 million in 2014.
[http://www-01.ibm.com/common/ssi/cgi-bin/ssialias?infotype=SA&subtype=WH&htmlfid=SEW03054GBEN]

887

In Q1 2015 887 phishing domains were discovered in the UK, higher than France (799), the Netherlands (680), Canada (641), Russia (583) and Brazil (452)
[Source: http://www.techweekeurope.co.uk/security/cyberwar/ransomware-phishing-mcafee-labs-threats-169835#qHIt3iKX6PgvhcJG.99]

70%

of email fraud comes from domains that aren’t owned by brands.
[Source: http://www.returnpath.com/wp-content/uploads/2015/07/The-Marketers-Guide-to-Email-Fraud.pdf?_ga=1.36141285.451683969.1449583988]

31 days

The mean number of days to resolve cyber-attacks was 31 days with an average cost of £11,545 per day
[Source: http://www.computing.co.uk/ctg/news/2429621/cyber-crime-costs-uk-firms-an-average-of-gbp41m-a-year-report]

And most shocking:

£4.12m

is the average cost of a company data breach in the UK, up from £3.86 million in 2014.
[Source: http://www.computing.co.uk/ctg/news/2429621/cyber-crime-costs-uk-firms-an-average-of-gbp41m-a-year-report]

However another source reports this as just £2.37m – but still a concern…
[http://www-01.ibm.com/common/ssi/cgi-bin/ssialias?infotype=SA&subtype=WH&htmlfid=SEW03054GBEN]

Less than £1/month/user

The cost of Security Awareness Training for IT users.

Of course statistics don’t tell the whole story, but may provide an insight into why more and more organisations are turning to IT user Security Awareness Training to help build their human firewall.

Layered Approach to Security

As IT Security experts, we recommend organisations adopt a layered approach to security, which incorporates Security Awareness Training. We can provide a free Security Health Check, cloud-based and on-premise IT Security services and solutions, plus award winning Security Awareness Training. Our Security Awareness Training is provided as a fully managed service and delivered at the employee’s desktop. The training, which includes trackable simulated cyber attacks, is measurable, cost-effective and time efficient.

There’s no silver bullet, however Security Awareness Training is the most immediate and cost-effective way to help make sure your organisation doesn’t become another data security breach statistic.

Security Awareness Training Resources:

Security Awareness Training Brochure: http://www.infosec-cloud.com/wp-content/uploads/2015/12/Infosec-Cloud-SATT-Brochure.pdf
Security Awareness Training – Free Demo >> http://www.infosec-cloud.com/security-awareness/security-awareness-training-demo/

Or call us on 01256 3799970, email sales@infosec-cloud.com to find out how we can help you implement a layered approach to security, including providing our Security Awarenes Training service for all your IT users.