What do you consider to typically be the root cause of a phishing incident?

Awareness & TrainingThreat Intelligence & Incident Response

User error (lack of security awareness training)31%

Ineffective security controls67%

Something else (please explain in the comments)2%

114 PARTICIPANTS
1.7k viewscircle icon1 Comment
Sort by:
Senior Information Security Manager in Software2 years ago

Root cause would be different for each incident.

But as of late, the root cause is often emails that are well crafted to fool most users.

Additionally, effective awareness training is often lacking such that people don’t know to be aware of these attacks.

Roger Grimes has a new book out ‘Fighting Phishing: Everything You Can Do to Fight Social Engineering and Phishing’ - https://amzn.to/3uBbEd2

It details the many things firms need to do in order to fight phishing.

Content you might like

Can anyone share how they have partnered with HR to prevent shadow agents from accessing HR data outside of sanctioned AI platforms/tools?

What’s your “hot take” when it comes to security questionnaires?

Read More Comments

What topics would you like to learn more about / be most likely to attend a webinar on?

Ransomware / Malware / Phishing33%

Privacy27%

Cloud Security57%

Network Security34%

Zero Trust vs. VPN33%

Remote Workforce Security28%

Seamless User Experience16%

Legal and Regulatory Compliance8%

View Results

Has your organization experienced model denial of service attacks on its LLM?

Yes45%

Not to my knowledge53%

Not sure

View Results

Any tips for evaluating/implementing solutions for application detection and response? What’s your experience been like with these tools so far?