Check out the on-demand sessions from the Low-Code/No-Code Summit to learn how to successfully innovate and achieve efficiency by upskilling and scaling citizen developers. Watch now.

Costs from phishing attacks have tripled since 2015.  The  average annual cost of phishing has increased from $3.8 million in 2015 to $14.8 million in 2021. This is because phishing has a low entry barrier for cybercriminals with a high-value return. These emails are very easy to create, require little technical knowledge and most importantly, depend solely on one user clicking to succeed.

Phishing attacks not only had direct financial consequences but these attacks also increase the likelihood of a data breach, decrease employee productivity and increase the likelihood of a business disruption, all contributing additional costs. In fact, huge amounts of time and investment are spent dealing with the consequences of a phishing scam. Employee productivity losses are among the costliest to organizations, increasing from an average of $1.8 million in 2015 to $3.2 million in 2021.

Of note is how minimal the losses are from ransomware payments in the grand scheme of things. Ransomware annually costs large organizations $5.66 million. Of that, $790,000 accounts for the paid ransoms themselves. There is a much larger context to the costs these attacks can inflict.


Intelligent Security Summit

Learn the critical role of AI & ML in cybersecurity and industry specific case studies on December 8. Register for your free pass today.

Register Now

Security training and awareness programs are the best remedy for addressing the dangers posed by phishing attacks. According to respondents, these programs can reduce phishing expenses by more than 50 percent on average. Users are a critical target in phishing attacks and the best defense is a people-centric approach to security.

The Ponemon Institute’s 2021 Cost of Phishing Study sponsored by Proofpoint surveyed 600 IT and IT security practitioners to better understand the risk and financial consequences of phishing. For the first time in this year’s study it looks at the threats and costs created by business email compromise (BEC), identity credentialing and ransomware in the workplace.

VentureBeat's mission is to be a digital town square for technical decision-makers to gain knowledge about transformative enterprise technology and transact. Discover our Briefings.