How CynergisTek Helps Organizations Prepare for Phish Attacks
A phishing attack occurs every minute.
Phishing cost organizations $4.5 billion worldwide in 2014.
Attackers now seek health information more than credit card information.
CynergisTek found that 42% of phishing emails were opened during the test, 74% that opened clicked and 80% that clicked submitted some type of personal information.
Phishing is a Growing Threat
Phishing is one of the most common and fastest growing cybersecurity threats today. In fact, RSA research found that a phishing attack occurs every minute, and these attacks cost organizations $4.5 billion in losses worldwide in 2014. Recently healthcare has become a highly sought after target for cyber criminals due to the large volume of sensitive data that the industry holds. Several healthcare organizations have recently experienced breaches that were the result of a phishing attack. For example, last year a regional medical center in Washington compromised the information of 8,300 patients after several employees responded to phishing emails with database user names and passwords, giving hackers access.
The first step in reducing the likelihood of becoming a phish victim is to create awareness of the threat. To help the industry fight back, CynergisTek offers a Phishing Assessment service and works closely with providers and vendors to assess their organization’s ability to recognize a phishing attack. The assessment is designed to create a training experience that will teach users how to identify a phishing email and help create more cybersecurity awareness across the organization.
Healthcare Providers Need Third-Party Expertise
One of CynergisTek’s clients views protecting patients’ personal information as part of its commitment to providing quality care. Their information security team realized the extent that phishing threatened the integrity of their information security program and worried that insiders might jeopardize the posture of the security program. The team decided that a third party phishing assessment would be an effective tool for creating awareness around how easy it can be to become a victim of a cyber attack. The information security team selected CynergisTek to execute a phishing assessment based on an existing working relationship.