Despite spending an average of $319,327 on spear phishing prevention in the past 12 months, an estimated 28 percent of attacks are getting through and are costing companies dearly. Credit: Thinkstock/CSO New research from messaging security provider Cloudmark and technology research company Vanson Bourne provides new insight into IT professionals’ views and experiences with spear phishing attacks, as well as the security and financial impact of these attacks on their organizations.“With the wealth of information about individuals and organizations now available online, cybercriminals can easily craft targeted attacks to gain access to valuable personal and financial information. Spear phishing has emerged as one of the largest threats facing enterprises today,” said George Riedel, CEO of Cloudmark.Vanson Bourne surveyed 300 IT decision makers at organizations with more than 1,000 employees in the U.S. and the U.K. to assess the impact of spear phishing attacks, as well as what measures enterprises were taking to combat them.Highlights from the survey: * Roughly 70 percent of respondents reported that their organization has implemented a specific solution to prevent spear phishing, investing an average of $319,327 over the past 12 months, focused primarily on anti-spam and anti-virus software as well as employee education. However, 84 percent estimated that a spear phishing attack had penetrated their organization’s security solution and, on average, respondents estimated that 28 percent of attacks are getting through.* More than 80 percent of companies that experienced a spear phishing attack reported negative impacts to their businesses as a result. The biggest impacts were loss of employee productivity (41 percent), financial loss (32 percent), loss of company reputation (29 percent), damage to brand reputation (27 percent) and the loss of customers (25 percent) and intellectual property (25 percent). In addition, 15 percent reported a decrease in stock price as a direct result of spear phishing attacks. The financial impact of spear phishing over the last 12 months is estimated to be $1,644,119 on average. * According to respondents, the employees that were the most targeted during spear phishing attacks are the IT staff (44 percent), the financial staff (43 percent) and the CEO (27 percent). Respondents reported that their organization had suffered an average of 10 attacks involving the spoofing of a CEO for financial gain within the last 12 months.* Of respondents whose organizations use staff training to prevent spear phishing, 61 percent reported that their organization provides ongoing training. On average, respondents’ organizations are testing their employees’ response to spear phishing attacks every four months. Despite routine testing, almost no respondents (3 percent) reported that all employees passed the most recent spear phishing test. Cloudmark Related content news FIDO Alliance certifies security of edge nodes, IoT devices Certification demonstrates that products are at low risk of cyberthreats and will interoperate securely. By Michael Hill Sep 27, 2023 3 mins Certifications Certifications Certifications news analysis Web app, API attacks surge as cybercriminals target financial services The financial services sector has also experienced an increase in Layer 3 and Layer 4 DDoS attacks. By Michael Hill Sep 27, 2023 6 mins Financial Services Industry Cyberattacks Application Security news Immersive Labs adds custom 'workforce exercising' for each organizational role With the new workforce exercising capability, CISOs will be able to see each role’s cybersecurity readiness, risk areas, and exercise progress. By Shweta Sharma Sep 27, 2023 3 mins Security Software news Sysdig unveils cloud attack graph based on real-time threat data Sysdig also announced a new cloud inventory and agentless scanning capabilities to tackle cloud security risks. By Michael Hill Sep 27, 2023 3 mins Threat and Vulnerability Management Cloud Security Storage Security Podcasts Videos Resources Events SUBSCRIBE TO OUR NEWSLETTER From our editors straight to your inbox Get started by entering your email address below. Please enter a valid email address Subscribe