95% of companies want humans and tech to work together to fight phishing

More than half of companies are plagued with phishing emails on a regular basis, and awareness training often isn't enough, according to an IronScales report.

More than half of companies (54%) continue to face phishing emails on a regular basis, and are looking beyond employee training to find the best solution, according to a report from IronScales, a security firm that offers phishing tools.

The report surveyed 300 security professionals at the recent Infosecurity London conference. When asked how prepared their organization is to deal with email phishing on a scale of one to 10, 44% rated their company as a seven or less. Among the problems were that 35% of organizations said they do not have an email address or a report button for employees to send suspicious messages to, the report found.

Phishing presents a number of problems to security teams, the report found. Some 55% of security pros surveyed said the time it takes to to detect phishing messages was the greatest challenge facing their team, while 24% said performing email forensics on messages received was the largest threat. Another 18% named removing malicious messages from mailboxes as the biggest issue.

SEE: Incident response policy (Tech Pro Research)

Security teams are looking for different solutions to fight phishing, the report found, with 38% reporting looking for a combination of automated email forensics, mitigation, and remediation, including AI solutions that can verify phishing emails. But automation is not the only answer: 95% of security pros agreed that humans and technology should work together to better detect and respond to sophisticated email phishing attacks.

Still, challenges on the human side remain. More than three-quarters (76%) of security professionals said their organization trains employees to recognize phishing emails. But less than half said that phishing click rates had dropped as a result of these training programs.

“On average, it takes just 82 seconds between a phishing email passing through the gateway and the first user interacting with the rogue message,” Eyal Benishti, IronScales founder and CEO, said in a press release. “This survey makes it abundantly clear that while phishing is high on everyone’s radar, organizations continue to struggle to expeditiously deflect the threats posed by email borne attacks.”

The big takeaways for tech leaders:

54% of companies face phishing emails on a regular basis. — IronScales, 2018
95% of security professionals said that humans and technology should work together to better detect and respond to sophisticated email phishing attacks. — IronScales, 2018

TechRepublic Premium editorial calendar: IT policies, checklists, toolkits and research for download

TechRepublic Premium content helps you solve your toughest IT issues and jump-start your career or next project.

Payroll

The Best Human Resources Payroll Software of 2023

With a lot of choices in the market, we have highlighted the top six HR and payroll software options for 2023.

A computer running Windows 11. — Image: Microsoft.

Software

Windows 11 update brings Bing Chat into the taskbar

Microsoft's latest Windows 11 allows enterprises to control some of these new features, which also include Notepad, iPhone and Android news.

A software engineer works from home. — Image: tanatat/Adobe Stock

CXO

Tech jobs: No rush back to the office for software developers as salaries reach $180,000

Salaries for remote roles in software development were higher than location-bound jobs in 2022, Hired finds.

Project management process to manage and develop with resources to deliver quality product, agile development cycle, businessman project manager balance on clock juggling project management elements. — Image: Nuthawut/Adobe Stock

Software

The 10 best agile project management software for 2023

With so many agile project management software tools available, it can be overwhelming to find the best fit for you. We've compiled a list of 10 tools you can use to take advantage of agile within your organization.

A user typing a password. — Image: Song_about_summer/Adobe Stock

Security

1Password is looking to a password-free future. Here’s why

With phishing-based credentials theft on the rise, 1Password CPO Steve Won explains why the endgame is to 'eliminate’ passwords entirely.

PURPOSE The purpose of this policy from TechRepublic Premium is to provide guidelines for employee performance reviews, which will clearly document accomplishments and areas of opportunity via an encouraging and thought-provoking analysis. This will assist in determining the next steps for employees as well as their future at the organization. This policy can be customized ...

PURPOSE The purpose of this policy from TechRepublic Premium is to provide guidelines for requesting, filing and permitting paid/unpaid time off as well as to ensure coverage during holidays, vacation(s) and other absences where staffing levels must be consistent to meet the needs of the business. From the policy: TIME OFF GUIDELINES All time off ...

95% of companies want humans and tech to work together to fight phishing