CYBER PATROL something as simple as a misdirected email, where you go to send a message with sensitive information and pick the wrong person – a very innocent mistake that can have grave consequences.” Following an outbound breach, there is no guarantee that an employee will report the error to a data protection officer or company official. Oftentimes, outbound errors can go undetected, making it impossible for the company to take corrective action. It’s easy to see why employees often ignore outbound incidents, when considering how companies typically respond. Egress found that following outbound email incidents, 67 percent of people were disciplined, let go, or chose to leave the organization. Once again, discipline was the most common outcome, occurring in 51 percent of companies – a 10 percent YoY increase. Striking a Balance Businesses must tread carefully when implementing new email security solutions and training programs. Relying too heavily on automation can sideline employees from the process and create a false sense of security. At the same time, forcing workers to sit through excessive email training can lead to pushback from busy teams. Egress discovered that cybersecurity leaders are most concerned employees will skip through SAT training as quickly as possible or find training annoying. The trick is to strike a balance by automating threat detection, while keeping employees engaged and aware of inbound and outbound threats. Egress recommends “meeting employees in the moment of risk – such as when they’re faced with a phishing email or about to make a mistake.” This makes training faster, more relevant and more effective than standard SAT or out-of-the-box modules. With this approach, companies can upskill employees about cybersecurity and empower them to make more informed decisions when using email. “An organization’s greatest defense is its staff, and the more you can make them cyber-aware and instill a sense awareness of responsibility, the better,” Hoy explained. Egress, which is now a KnowBe4 company following its recent acquisition, aims to eliminate inbound and outbound threats that slip through M365’s native controls and secure access gateways (SEGs). The company uses AI and machine learning to detect threats, while also leveraging social graphs and pretrained deep neural networks to detect data exfiltration and human error. The platform now also integrates with KnowBe4 to Source: Gartner, January 2024 ologies AI trust technologies GenAI-ce User-in-theloop AI Provenance detectors AI Current AI Efforts and Future Investment Source: CompTIA, 2024 IT outlook Aggressively pursuing integration 22% Limited implementation 33% Exploration 45% Significant decrease Moderate decrease No change Moderate increase Significant increase Future Investments Current Adoption 25% 37% 25% 7% 7% How SAT is Tailored to Organizations Source: Egress cybersecurity leader survey Training is tailored to each individual employee Training is tailored to each department or team Default training modules offered by the provider Training is tailored to the organization as a whole 28% 46% 19% 7% 32 Fallout from Phishing Attacks People Costs Employees were disciplined 51% Employees were fired 39% Employees voluntary left organization 27% Organizational Costs Financial loss from customer churn 47% Reputational damage 42% Financial loss from regulatory penalties 34% Lengthy remediation 22% Legal repercussions including litigation 14% Source: Egress cybersecurity leader survey CHANNELVISION | JULY - AUGUST 2024
RkJQdWJsaXNoZXIy NTg4Njc=