Every year, threat actors look for new ways to outwit victims and bypass defences. And 2022 was no different. As businesses rolled out new security controls, cyber criminals responded.
They added complex techniques like telephone-oriented attack delivery and Multi-Factor Authentication (MFA) bypass. Unknown to most users, these techniques gave cyber attackers a new advantage. And with threat actors constantly upping their game, CISOs and Infosec teams had their work cut out.
Now in its ninth year, our annual State of the Phish report explores end-user security awareness, resilience and risk using survey data from 15 countries. The report benchmarks understanding of common cyber attacks and defensive tactics. And then it looks at how gaps in knowledge and cyber hygiene enable the real-world attack landscape. Most attacks target people before they target systems. That's why the final section of this report examines security training practices and outlines opportunities to build and sustain a security-aware culture at every level.
Alongside this year's main report, we've also put together regional summaries to explore how local nuances affect gaps in awareness. This regional summary includes data from France, Germany, Italy, the Netherlands, Spain, Sweden, the United Kingdom (UK). and the United Arab Emirates (UAE). Data has been drawn from surveys of 4,000 working adults and 650 security professionals.
Download to find out more.