26% of e-mails received each day are phishing mails: Experts
Raising an alarm over the limited knowledge of cyber security among the senior management of various companies, expert stressed the need for an immediate upgrade to avoid large scale frauds. Citing the reserve bank of India’s diktak that makes it mandatory for top banking officials to undergo a training in cyber security, they said that it should be extended to other sectors well. The experts were speaking at information systems Audit and control Association (ISACS) annual conference 2019, on Saturday.
Interestingly, an internal experiment within accompany showed that 99% of the top management had yielded to a mushing mail sent on purpose. “of the 99% who tried to open the e-mail, about 1% tried three or four times to do so. Many even changed their passwords as instructed in the phishing mail, “said a global control specialist from an IT company participating in the conferences. “This goes on to show the poor level of awareness about basics of cyber security among the top management,” he added sharing how several surveys show that 26%, of e-mails received each day are phishing mails.
Agreeing with participants about how it is often difficult to convince top management to allocate more funds for cyber security experts said that is rooted in limited understanding. “it is important to have a roadmap for 3 to 5 years and then approach the board for funds. We have to talk to the management in the language they understand, as top-level management across companies still have limited understanding of cyber security”, said Prasanth Choudhary, partner, Risk Advisory Services, highlighting cyber breach not only impacts data but also hamper the company’s brand image.
Delivering the keynote address, Telangana IT Security Jayesh Ranjan said that cyber security is a subject of tremendous relevance and that the state government has taken various steps to strengthen it. He listed out initiatives like the cyber security policy rolled out three years ago, the security operations Centre (SOC) that has been set up to protect critical databases of the government, training programs in cyber security being offered by the state and collaboration with the Hague Security Delta and Centre for Development Advanced Computing (CDAC). “We are also focusing on startups in Cyber Security and a lot of innovative products are being made by them at the T-hub,” he added.
The ISACA conference designed around the theme, “Cyber Security: redefining trust” was attended by 350 professionals, including bankers, Software professionals, IT auditors, Cyber Security professionals and risk managers.