Wombat Security Technologies Offers Tips to Keep your Company's CEO Off the Hook

Pittsburgh, PA – June 25, 2013 – Is your CEO putting your company at risk? It's the dirty little secret that IT security officers don't want anyone to know. Actual simulated phishing attack results show that C-level executives may be most likely to take the bait and fall for simple or sophisticated spear phishing attacks. In response, security awareness and training leader, Wombat Security Technologies, (Wombat) is offering helpful tips for CSOs trying to convince corporate executives they need education on how to recognize and avoid cyber security attacks.

It's clear that phishing attacks continue to rise. Recent high profile breaches initiated by a phishing attack or more targeted spear-phishing attack include the Associated Pressthe U.S. Department of Energy, and other well-known organizations.

But here's the shocker. Cyber security experts are discovering that corporate executives are falling for attacks like electronic faxes, fake conference registrations, shipping confirmations, and social media password resets. Not only are these executives clicking on potentially malicious links, Wombat's data reveals some senior executives are actually submitting login credentials, which may be exposing their company to harmful data breaches.

In response, Wombat offers the following tips for IT security officers who want to convince company leaders of the need to educate the entire employee base, including executives, about phishing attacks and how to avoid them.

  1. Know your Numbers – When you're trying to sell security awareness internally, it's good to know the cost of not investing, i.e. damage to brand reputation, loss of intellectual property, cost of cleaning PCs, unnecessary helpdesk calls, etc. Risky behavior is expensive. 
  2. Remember the Executive Assistant – Anyone who has access to the executive's email may be vulnerable to phishing attacks. Training people in these roles is equally as important as training your executives. 
  3. Quantify the Opportunity Cost of Remediation – If you and your security team had less threats or breaches to chase, what proactive or revenue generating projects could you accomplish? Have the list in your pocket.
  4. "My Time is Too Valuable" is Not an Answer – If you've got stats and numbers to back you up, there's no reason to let the executive team off the hook for training. Everyone needs to be educated about information security risks and the CEO and the executive team can lead by example.

In addition to these helpful tips, Wombat Security Technologies offers innovative tools to assess and train a workforce. Wombat's cyber security arsenal includes a mock phishing attack service, a comprehensive training platform with a full set of 10-minute software training modules, and sophisticated reporting tools that profile a company's vulnerability to cyber threats. For more information about Wombat, simulated phishing attacks, or the company's full range of security awareness and training solutions, please visit http://www.wombatsecurity.com.

About Wombat Security Technologies

Wombat Security Technologies helps organizations combat cyber security threats with uniquely effective software-based training solutions for employees. Wombat offers fully automated, highly scalable software-based training solutions, built on learning science principles. They offer mock attacks with brief embedded training, as well as a full complement of 10-minute software training modules. Wombat's training solutions have been shown to reduce employee susceptibility to attack over 80%. Wombat is helping Fortune 1000 customers, large government agencies and small to medium businesses in segments such as finance, banking, higher education, retail, technology, energy, insurance, and consumer packaged goods strengthen their cyber security defenses. For more information visit www.wombatsecurity.com or contact Lorraine Kauffman-Hall at 704-882-0443 or lhall@attainmarketing.com.