News

43% of SMEs experienced phishing attack in the last 12 months

Cybersecurity
Research of 250 IT decision-makers at UK SMEs by CybSafe - the intelligent security awareness, behaviour and culture solution that demonstrably reduces human cyber risk - has uncovered shocking new data on the impact of phishing.

CybSafe’s research shows that 43% have experienced a phishing attempt through impersonation of staff in the last 12 months. Of those impersonation phishing attempts, it was discovered that two-thirds (66%) had suffered a successful attack.

Businesses in CybSafe’s survey admitted to taking minimal action to correct this: less than half of those featured in the research (47%) claimed to already have a cyber security training and awareness programme in place.

Interestingly, respondents saw email phishing as a much greater threat than phone phishing. Pitted against nine other potential threats, email phishing was perceived to be the second most pressing threat (37%). By contrast, phone phishing was believed to be the least (8.8%) urgent threat to business.

Oz Alashe, CEO, CybSafe said: “The continued dominance of phishing presents a huge opportunity for the channel. Businesses often aren’t running a security awareness and training programme. Those that are, often aren’t seeing benefit from it; their people are still being phished, and their human cyber risk isn’t visibly being reduced. For the channel, both of these scenarios presents an opening.”

CybSafe’s report echoes warnings in the Government’s own Cyber Security Breaches Survey published earlier this year, which found that phishing attacks were the most common security attacks on businesses and charities in the UK.