February 26, 2024
November 19, 2024
 —  
Blog

Tales from the Frontline: What is the Actual Cost of Phishing?

Tales from the Frontline: What is the Actual Cost of Phishing?

Last week, I talked with a prospect about BlastShield’s passwordless authentication for Secure Remote Access, and I got the strongest positive reaction I have ever received. The CISO asked me” “Do you know how much money I spend trying to combat phishing in a year?” Smiling, thinking I knew where he was going with the conversation, I said, “How much?”

Uncovering the Hidden Costs of Phishing

The CISO started making a list:

  1. Let’s start with the direct cost of a breach or hack caused by phishing. Ninety percent of the breaches we have had in IT or OT began with a successful phishing attack. Between ransom and cleanup, my budget exceeded the plan significantly.
  2.  After the first hack, we implemented a phishing training course. This resulted in more cost per user, driving up my budget.
  3. After the second, we purchased an automated phishing test system—you know, the kind that sends phishing emails, and if an employee clicks on one, you send them to…you guessed it, that training class I just mentioned (which they had already been required to take).
  4. After the third, we turned on an MFA solution, thinking that this would solve the problem. The solution is to send an email code or an SMS to confirm whenever someone attempts to authenticate. More cost and it still didn’t stop all the attacks.
  5. So, we changed our password aging to every three months rather than yearly. This annoyed our users and resulted in lots of passwords being written on sticky notes and, worse, more password managers being used. One of the password managers was hacked, and a ton of our users' credentials were stolen, resulting in a flood of attacks.

Why Passwordless Authentication is the Solution

If you eliminate passwords and simplify user authentication, you save me millions of dollars a year. That is an ROI good enough for me to test your system today. 

The testing starts this week. Do you have this problem, too? Test the BlastWave solution to see how passwords are unnecessary to secure your OT network. 

https://www.blastwave.com/schedule-a-demo

Download Infographic (PDF)
Vince Zappula
Vince Zappula
Head of Sales
view All Posts
Latest Posts
Network Cloaking
Creating a Defensible Architecture: Analyzing the SANS 2024 ICS State of ICS/OT Cybersecurity Report and the Five Critical ICS Controls
Network Segmentation
OT Zero Trust Protection: Desired Outcomes and Proactively Eliminating Entire Classes of Risk
OT Secure Remote Access
How Do You Secure Legacy Systems? Top Industrial Cybersecurity Strategies for OT Protection
Network Segmentation
OT Zero Trust: Insights from Real-World Deployments
Authors
No items found.
Tags
No items found.
Follow Us
Subscribe

Our Privacy Policy applies.

<< Previous article in
OT Secure Remote Access
OT Secure Remote Access
Network Cloaking
Network Segmentation
Next article in
OT Secure Remote Access
>>

Experience the simplicity of BlastShield to secure your OT network and legacy infrastructure.

Schedule a Demo
Tackling OT Security in a ZTNA Era
In The News
Tackling OT Security in a ZTNA Era
Tackling OT Security in a ZTNA Era
In The News
Tackling OT Security in a ZTNA Era
Creating a Defensible Architecture: Analyzing the SANS 2024 ICS State of ICS/OT Cybersecurity Report and the Five Critical ICS Controls
Blog
Creating a Defensible Architecture: Analyzing the SANS 2024 ICS State of ICS/OT Cybersecurity Report and the Five Critical ICS Controls
Case Study
How Zero Trust and Network Cloaking Protected a Factory from a $4.8M Cyber Attack | OT Security
How Zero Trust and Network Cloaking Protected a Factory from a $4.8M Cyber Attack | OT Security
Case Study
How Zero Trust and Network Cloaking Protected a Factory from a $4.8M Cyber Attack | OT Security
Company

Our Privacy Policy applies.

Privacy Policy | Cookie Policy | © 2024 BlastWave, Inc. All Rights Reserved