1. Users are the weak link in the chain
Lack of training/awareness about phishing and ransomware is the number one reason these attacks are so successful. According to the research, 6% of users have never received security awareness training, crushing confidence in staff’s ability to recognise threats and act dutifully. Users should be trained to be sceptical and suspicious of any unexpected incoming email and any other scam they might encounter on social media.
Interesting, I saw that statistic and came to the opposite conclusion. 94% have gotten some training, and they are still the weak link, which goes to show that maybe the training isn’t effective, or your users don’t care. Organizations clearly should be doing more to evaluate the training that is being provided.