Phishing Cited by SMBs as Top Attack Threat

A new survey of 600 IT decision makers at small-to-midsized businesses (SMBs) found that nearly all SMBs are conducting some form of employee cybersecurity awareness training, which could be due in part to the fear of phishing. It might seem promising to note that the new global report, Webroot SMB Cybersecurity Preparedness, found almost 100% of businesses train their employees in cybersecurity awareness. However, the report also found that the number significantly decreases for ongoing training practices, with only 39% of companies reporting that they educate employees continuously throughout the duration of employment. Yet the report found that businesses in the US, UK and Australia are taking cybersecurity seriously. It revealed a shift in the attacks organizations believed themselves to be most susceptible to in 2017. Also noteworthy was the finding that the estimated cost of a breach is decreasing. While phishing ranked third for most dangerous threat in 2017, it topped the chart for 2018. Nearly half (48%) of respondents identified phishing attacks as the top perceived threat , and 45% said that their business will be susceptible to DNS attacks. Overall, phishing displaced new forms of malware, which fell to number six, behind distributed denial-of-service (DDoS) and mobile attacks. Ransomware grew from fifth place in 2017 to third in 2018; however, the responses varied by geography.