No one sees themselves as a likely victim of a phishing attack, but people are falling prey to them constantly, Sullivan says. “You only need to catch a user at the wrong time on the wrong day,” he warns. “With advanced social engineering tactics leveraging information readily available through systems like LinkedIn, Facebook, and a variety of other sources, the sophistication of attacks has never been higher.”
Sullivan believes that active security is the answer. Having the right security tools and practices in place is important for any business, but building security awareness training that educates and empowers users to be active participants in defending data, systems, and business operations is crucial.
“Without an ongoing commitment to continuing education, preparation, and participation, companies are setting themselves up for failure despite significant investments into security tools, solutions, and strategies,” he says. “A well-educated, well-prepared userbase is the first and strongest line of defense.”
