Case Studies

How to Prepare for Phishing Attacks

Issue link:

Contents of this Issue


Page 0 of 1

How CynergisTek Helps Organizations Prepare for Phish Attacks The Challenge Phishing is one of the most common and fastest growing cybersecurity threats today. In fact, RSA research found that these attacks cost organizations $9.1 billion in losses worldwide in the first half of 2016. Recently healthcare has become a highly sought after target for cyber criminals due to the large volume of sensitive data that the industry holds. Several healthcare organizations have recently experienced breaches that were the result of a phishing attack. For example, last year a regional medical center in Washington compromised the information of 8,300 patients after several employees responded to phishing emails with database user names and passwords, giving hackers access. The first step in reducing the likelihood of becoming a phish victim is to create awareness of the threat. To help the healthcare industry fight back, CynergisTek offers a Phishing Assessment service and works closely with providers and vendors to assess their organization's ability to recognize a phishing attack. The assessment is designed to create a training experience that will teach users how to proactively identify a phishing email and help create more cybersecurity awareness across the entire organization. One of CynergisTek's clients views protecting patients' personal information as part of its commitment to providing quality care. Their information security team realized the extent that phishing threatened the integrity of their information security program and worried that insiders might jeopardize the posture of the security program. The team decided that a third party phishing assessment would be an effective tool for creating awareness around how easy it can be to become a victim of a cyber attack. The information security team selected CynergisTek to execute a phishing assessment based on an existing working relationship. The Solution CynergisTek's solution included multiple phishing email campaigns directed at hundreds of users per campaign. Emails were sent across the organization, and all campaigns consisted of a realistic scenario based upon the latest phishing trends and insider knowledge of the organization. CynergisTek's assessment provided insight into the organization's ability to take a critical eye to suspicious emails, and also delivered reports about how far the user swam into the phishing net. The Impact During the phishing assessment, CynergisTek deployed several phishing campaigns and found that 42% of the phish emails were opened and 74% of those users then clicked a link within the email. 80% of users that clicked proceeded to submit personal or company user credentials, such as user name and password. Phishing attacks cost organizations $9.1 billion in the first half of 2016 During the phishing assessment, CynergisTek found that 42% of phishing emails that were sent were opened, 74% that were opened were clicked and 80% that were clicked had personal information submitted Fast Facts

Articles in this issue

view archives of Case Studies - How to Prepare for Phishing Attacks