A new phishing study of six million users shows insurance organizations and not-for-profits lead all other industries with greater than thirty percent of users falling for baseline phishing tests.
The study shows these types of organizations rank higher (in the low 30 percentiles) than the overall average of 27 percent across all industries and size organizations. Large business services organizations had the lowest Phish-prone benchmark at 19 percent.
The Phish-prone percentage is determined by the number of employees that click a simulated phishing email link or open an infected attachment during a testing campaign using the KnowBe4 platform.
The study, drawn from a data set of more than six million users across nearly 11,000 organizations, benchmarks real-world phishing results. Results show a radical drop of careless clicking to just 13 percent 90 days after initial training and simulated phishing and a steeper drop to two percent after 12 months of combined phishing and computer based training (CBT).
The study anonymously tracks users by company size and industry at three points: 1) a baseline phishing security test, 2) results after 90 days of combined CBT and simulated phishing, and 3) the result after one year of combined CBT and phishing […] Read more »