Phishing Simulation Tests: Lessons learned

According to the HIMSS cybersecurity survey, 57% of healthcare organizations were the target of a phishing attack last year. In fact, phishing is one of the most common attack vectors. Why? A combination of the ease and low cost to mount an attack, along with its effectiveness.

In the phishing simulation tests we conduct at Med Tech Solutions (MTS) to train our clients’ employees to recognize and avoid imposters’ attacks, we often see nearly 10% of our clients’ staff falling victim to our initial simulated phishing emails. These rates decrease dramatically with training, but the social engineering behind phishing attacks, coupled with hectic work environments and a steady barrage of legitimate email, make them particularly dangerous.

We often see nearly 10% of our clients’ staff falling victim to our initial simulated phishing emails.

Phishing simulation programs are a proven way to train employees to become your first line of security defense. In fact, these programs are so effective, they may be required by cyberinsurance firms in order for your organization to be eligible for coverage, or to reduce your rates.

Phishing simulation programs are a proven way to train employees to become your first line of security defense.

Med Tech Solutions CEO Mona Abutaleb, who is widely covered in national healthcare IT and security publications, explains the lessons Med Tech Solutions has learned on this important topic in a cover article in Security Infowatch.

Some key insights from the article

• Regular phishing simulation programs and unannounced tests put employees at the front line of protection. Practice makes perfect and combatting phishing attacks is no exception. Learn the best practices for a phishing simulation program.
• Operate on the assumption that it’s not a question of if you will be hacked, suffer a breach, or be the target the ransomware, but when. Find out how to prepare and what you need to have in place to regain business continuity quickly.
• Gain visibility over your network. It’s hard to fight what you can’t see. Learn what technologies will give you the visibility you need to identify and shut down an attack.
• Remember that any phishing simulation is just one component of a multi-layered approach to data protection. Discover what else you need to consider.

Remember that any phishing simulation is just one component of a multi-layered approach to data protection.

Don’t miss these insights gained from the front lines of the war against cybercrime. Learn what you need to know about the risks of phishing attacks and how to protect yourself.

Read the full article here.

Need more information how MTS can help you? Contact us here.