Phished credentials caused twice as many breaches than malware in the past year

Are you protecting your users and sensitive O365 data from being leaked? Learn how Specops Authentication for O365 can help.

Personal device use for remote work poses the biggest security risk to organisations safeguarding their increasingly mobile and cloud-based IT environment, according to a new survey of 100 UK-based senior IT security professionals.

phished credentials

Conducted from March to May by Rant, the survey found 58 percent of respondents believe that network access from non-corporate and personally-owned devices such as laptops, desktops or mobile phones is the highest risk in managing remote users, among other findings.

Remote work on the rise

75 percent of respondents reported that their users now connect remotely to work applications at least 25 percent of the time. While this remote work trend has created unmatched flexibility and has helped organizations attract top talent globally, it has introduced a major predicament for IT and security teams.

“Enterprise mobility is one of the biggest IT security challenges and personal devices are a massive blind spot,” said Richard Archdeacon, Advisory CISO at Duo Security. “If you don’t know what’s connecting to the network, how can you protect data from being compromised? What’s clear from this survey is that decision makers still don’t feel comfortable with the sea of devices entering the workplace.”

When it comes to different groups of remote workers, nearly half of all security professionals (48 percent) ranked external suppliers and service providers as the most risky, compared to internal employees such as the C-suite, sales and field support workers.

This data is underlined by several recent high profile security breaches that originated from third-party suppliers. According to Forrester’s 2017 Global Business Technographics Security Survey, 41 percent of breaches in the past 12 months were incidents within the organization or involved business partners/third-party suppliers.

phished credentials

Phishing: The leading cause of breaches

The findings also reveal the extent to which phishing attacks targeting user credentials continue to dominate as the primary source of security breaches, underscoring the need for robust policies around device health and user authentication.

When asked about the biggest security incident in the last 12 months that resulted in unauthorised access to corporate applications, nearly half of respondents reported phishing as the cause. The findings reveal:

  • Phishing resulted twice as many breaches than malware (48 percent compared to 22 percent)
  • Phishing resulted in more breaches than malware and unpatched systems combined (48 percent compared to 41 percent).

Outdated devices are particularly vulnerable to being compromised, which can easily spiral into a full-blown, major breach,” Archdeacon added. “Organisations don’t necessarily need to block individuals from using their personal devices, but they do need to re-shape their security models to fit these evolving working practices.”

Operating on a basis of zero trust where the user’s identity and device health are checked and verified every time they access an application, helps to minimise the security risks inherent in any Bring Your Own Device (BYOD) culture.