By Clare O’Gara
Fri | May 1, 2020 | 1:21 PM PDT

It's a first-place prize you actually don't want to win.

But according to BakerHostetler's sixth annual Data Security Incident Response (DSIR) Report, phishing continues to earn the award.

Phishing the number one attack vector against organizations

With metrics from 950 cyber incidents handled last year by the firm, you know these insights are comprehensive. The DSIR Report analyzed incidents impacting entities of all sizes and industries, including healthcare, finance, insurance, education, professional services, energy, government, manufacturing, technology, retail, and hospitality.

Phishing schemes are still the number one cause of a cybersecurity incident.

"For the fifth year in a row, phishing remained the leading cause of incidents at 38%, followed closely by network intrusion at 32%. The remaining top causes were inadvertent disclosure (12%), stolen/lost devices or records (8%) and system misconfiguration (5%)."

What happens after a successful phishing attack?

The more interesting finding in the report is what happens after the phishing attack. If one of your end-users clicks a malicious link, then what?

In the incidents studied, falling for a phish led to the following:

  • 31% Office 365 Account Takeover
  • 24% Ransomware
  • 13% Installation of malware
  • 13% Network intrusion
  • 8% Wire transfer
  • 7% Theft of data
  • 1% Cryptomining
  • 1% Espionage

Based on the incident response of its clients, the law firm says average security investigation and forensics costs dropped in 2019 to $58,034, from $63,001 the previous year.

Web conference: managing third-party risk during and after COVID-19

Dan Pepper is a partner on BakerHostetler's Privacy and Data Protection team. He's leading a SecureWorld Remote Sessions broadcast (live and on-demand) around third-party risk and how you should reevaluate the effectiveness and efficiency of your third-party risk right now.

Register here: Managing Third-Party Cyber Risks During COVID-19

The presentation will discuss the necessary elements of a robust program, together with key considerations for managing cyber risks during the pandemic.