Phishing training is essential.  However, some phishing training companies are attempting to double down on the idea that more training, even a managed service for training, is better than implementing a defense-in-depth strategy. 

They will lead you to believe that there is no need for added defense because your firearms are useless.  Don’t fall for this trap—it's not supported by data. Our belief, backed up by data, is that the combination of enhanced protection and training is the right approach.  

When our customers implement Avanan, they achieve four key objectives instantly:

  1. Improve security and reduce opportunity for victimization by keeping malicious emails out of the inbox
  2. Drastically reduce the workload on the SOC and security teams
  3. Supplement Microsoft's security
  4. Make an immediate impact on your overall security



One of our customers saw this in action. This was a 15,000-user organization. Their users were well trained by one of the major phishing training vendors. And still, something was lacking.  

Objective 1: Improve security and reduce opportunity for victimization by keeping malicious emails out of the inbox


The implementation of Avanan at the beginning of July 2020 led to a 98.8% reduction in phishing attacks delivered to the end user’s inbox almost overnight. We reduced the opportunity for someone to click on a malicious link in an instant. This isn’t about training—it’s about reducing, and in this case nearly eliminating, the opportunity for someone to click on a link, reply to an email or pay an invoice.

Keep in mind that the average click rate, according to the latest Verizon Data Breach report, is 3.4%. In this case we reduced the number of clicks from 20 to less than ONE.

 

Objective 2: Drastically Reduce the Workload on the SOC and Security Teams

Let’s now talk about the reduction in workload for the SOC and Security teams.  In this chart, we’ll look at the number of reports to the SOC team by the end users.  Each of these reports requires an investigation and due diligence by someone.  And if the reports are malicious, it requires some sort of remediation.  As you can see from the chart, we reduced the number of reports from end users by 71%.  This happened practically overnight.

Imagine the joy of the team when they walked in the next morning to realize that they could spend time doing other things and not playing whack-a-mole with email.



Objective 3: Supplement Microsoft Security

In the case of most of our customers, they don’t want to rip anything out. They want to supplement what Microsoft is already providing, whether it's ATP or just EOP. This is in line with our philosophy. While we absolutely don’t require ATP or EOP or any other layers of security, we believe that additional layers only serve a benefit.

However, if you use ATP or EOP, they still must be supplemented if you want effective security. These solutions on their own are absolutely not enough. This is exactly why Gartner wrote in an October analysis, “Gartner client inquiry data suggests a level of dissatisfaction for some organizations, indicating that Microsoft still lacks in effectiveness.” It is also backed up by our latest analysis of 350 million emails, which proves what ATP customers and Gartner already know.

In the chart from our analysis, customers with ATP have a marginal improvement in the number of attacks delivered to end users.  The gap is still stark, with Avanan making up a huge difference.  




Objective 4: Make an Immediate Impact

Executives at some of the hardest-hit organizations want immediate solutions. They don’t want to wait for training to be rolled out, only to make an incremental impact. They want solutions today, to stop today’s problem. The moment Avanan went into protect mode at this customer was the moment we began solving the problem. To their joy, they had no idea what an impact Avanan could make on their overall security and day-to-day life.

Conclusion

Phishing is getting more complex.

Since the COVID-19 pandemic began, we've seen tremendous increases in both the sheer number of phishing attacks and the types of lures attackers are using.

With remote work now the norm, scammers are getting creative. We've seen vishing attacks with attackers posing as IT; we've seen scammers posing as HR.

It's no wonder that phishing is the most reported cybercrime in the US.

Phishing training is essential and can really help. When employees know what a phishing email is, they will be less likely to click.  

But it is not a cure-all. One study found that the effect of phishing awareness programs wears off, and that training needs to happen every six months. Think about it: Phishing training done in January would've been helpless against COVID-related threats.

You don't have six months. You're being inundated with phishing attacks now, and just one email can bring major consequences. And phishing training doesn't affect whether the emails reach the inbox or not.

Avanan offers the best of both worlds. It starts with best-in-class security that can nearly eliminate the phishing problem. Additionally, our IRaaS product handles all end-user requests for restore from quarantine.

In addition, our partnerships with phishing simulation companies KnowBe4, Cofense and Symbol Security ensure that your employees stay abreast of the latest trends, and their active engagement with potential phishing is added information for Avanan's machine learning, making it even better at preventing phishing. The more your employees engage, the better our algorithm gets.

With Cofense, for example, a button in the system reports directly to Avanan. So when a user reports phishing, Avanan sees that and uses that information to better its security. 

There is no panacea in security. But when you implement Avanan, you will see dramatic and lasting results, practically overnight. 

And given how fast threats are rising, that sort of impact is beyond measure. 
