In anticipation of our previous threat monitoring and forensics webinar we asked the Twitterverse what happens after they report a suspicious email. Does it fall into a black hole? Does IT check it out to mitigate potential impact? The results are in, and interestingly a majority of polled respondents simply don’t know what happens to their emails after they report it.
There are several reasons why this may occur, such as a lack of follow up communication, but what it does highlight is a potential gap in cyber security education and training. Further, this can also result in a lack of trust in the cyber security training program and in turn a reduction in participation.
“Sometimes over communication is a necessary tool, especially when the security of your employees and business are at stake. In the case of our recent poll the results show that the majority of organizations that participated need refreshers on what happens to their reported suspicious emails. It’s also likely that there is no feedback or analysis provided to the employee after the fact,” said Dane Boyd, Phishlabs Lead Solution Manager.
Unfortunately when it comes to training, education, and risk mitigation, ripple effects happen quite frequently. Beyond those who don’t know what happens to their reported emails, the other three options were nearly a tie:
The above gives us an interesting snippet of data, but this is just one piece of the puzzle and each have very different organizational impacts. For organizations that don’t empower their employees to report suspicious emails (18%), they are introducing avoidable risk and are more likely to fall victim to phishing attacks. Organizations with employees who report suspicious emails, but are not analyzed immediately, (19%) introduce some added risk.
Lastly, organizations who both empower their employees to report suspicious emails and the IT team analyzes it immediately (18%) are in a position of reduced risk as they can potentially mitigate other employees from falling victim to an attack. This is done by seeing who else may have received the email, reaching out to the intended targets, and checking if anything was clicked, downloaded, or otherwise interacted with it. The IT team can also confirm if the suspicious email is legitimate, freeing it from a black hole with no response or action that may be needed.
What Happens At Your Company?
Do suspicious emails fall into a black hole? Maybe they don’t get reported at all. Complete the survey below and we’ll update this post with the latest data.