New research by ISACA and Terranova Security shows that only about 63% of organizations are properly keeping track of the effectiveness of their strategies for informing employees about phishing and preventing them from falling for this type of attack.
The study also found that only a small majority of companies (57%) include phishing simulations in their awareness strategy, although 25% claim to use other active methods for assessing how employees respond to phishing attempts. According to Frank Downs of ISACA, the survey shows that “[c]urrent phishing defense strategies and implementation are clearly not hitting the mark.”
Read more: Current phishing defense strategies and execution are not hitting the mark
