Dark Reading
Products and Releases

Protecting Confidential Information Remains No. 1 Problem for End Users: Wombat Security

End users show good understanding of how to avoid ransomware attacks but lack understanding of data protection techniques, including those mandated by the GDPR.

PITTSBURGH, April 24, 2018 – Wombat Security (Wombat), a division of Proofpoint and the leading provider of cybersecurity awareness training, today announced the release of its 2018 Beyond the Phish® Report, which analyzes nearly 85 million questions and answers posed to its customers’ end users — up from 70 million in the 2017 report — across 12 categories and 16 industries. The report identifies end-user strengths and weaknesses related to phishing as well as a range of cybersecurity threats beyond the phish.

“As we come off a successful week at RSA Conference, the 2018 Beyond the Phish® Report again illustrates the importance of combining the use of assessments and training across many cybersecurity topic areas, including phishing prevention,” said Joe Ferrara, Wombat General Manager. “Our hope is that by sharing this data, infosec professionals will think more about the ways they are evaluating vulnerabilities within their organizations and recognize the opportunity they have to better equip employees to apply cybersecurity best practices and, as a result, better manage end-user risk.”

The 2018 Beyond the Phish® Report also validates the need for organizations to use a combination of simulated attacks and question-based knowledge assessments to evaluate their end users’ susceptibility to phishing. For example, though Wombat’s 2018 State of the Phish™ Report revealed a 9% average click rate on phishing tests across all industries, the Beyond the Phish® Report shows that end users incorrectly answered 24% of questions related to the identification and avoidance of phishing attacks. A low click rate on simulations therefore does not mean users understand the threat: organizations relying on simulated phishing tools alone are not getting a complete picture of their end users’ understanding of — and susceptibility to — the many different tactics cybercriminals employ when crafting email-based social engineering attacks.

Key areas from the report analysis that reveal room for improvement include the following:

  • End users again displayed the worst performance in the Protecting Confidential Information category, missing 25% of questions, down marginally from 26% in 2017. This category covers compliance-related topics, including requirements of the General Data Protection Regulation (GDPR). These results are particularly concerning with the GDPR enforcement date (May 25, 2018) only a month away.
  • Employees in the telecommunications and manufacturing industries each received the lowest rankings in 3 of the 12 categories analyzed for the report.
  • In the Protecting and Disposing of Data Securely category — which deals with secure handling throughout the data lifecycle — end users across all industries answered 23% of questions incorrectly.

While there is always room for improvement with regard to end-user risk management, the 2018 Beyond the Phish® Report also highlights categories and industries in which employees are improving year-over-year and answered the highest percentage of questions correctly:

  • End users incorrectly answered an average of 19% of questions across all categories and industries.
  • Employees in the education and technology industries each had top rankings in 3 of the 12 categories analyzed for the report.
  • End users performed best in the Avoiding Ransomware Attacks category, answering nearly 90% of questions correctly on average across all industries.
