Cybercriminals are increasingly using social engineering techniques and phishing attacks to gain access to credentials and confidential information from unsuspecting recipients. Phishing attacks are also becoming more sophisticated and harder to detect. Research shows that 73% of malware attacks started with phishing emails and 43 percent of breaches in the last year were related to social engineering attacks.


As an example, PDF files can be weaponised by malicious actors to steal Windows credentials without any user interaction and only by opening a file. Old-style security awareness training like “once-and-done” isn’t effective against the modern threat. More than ever, members of staff are becoming the weak link in network security.


This means a curious recipient who opens a PDF attachment they did not ask for can be pnwed in about 15 seconds. How do you reduce the risks of a member of staff opening a door to let an attacker into your corporate network?


An end-to-end cybersecurity assessment tool that identifies areas of susceptibility related to email-based social engineering also helps evaluate cyber security knowledge beyond phishing and social engineering.


Although you may wish to learn more about the threats to your business by performing a phishing simulation exercise this can lead to the alienation of your staff members. An educational approach is the first step in transform the security culture of your business, by firstly performing a baseline assessment to identifying the scale of the problem and uncovering the risks and potential impact of an attack.


An educational approach improves knowledge retention, creating longer-term behaviour change. It’s also important to reinforce best practices learned in order to keep cyber security top-of-mind for your staff members.

Addressed threats at a glance:

The Wombat State of the Phish Report 2018 shows how phishing can affect you and your organisation:


  • Phishing is a significant security issue for organisations – 73% of malware attacks started with phishing emails

  • 43 % of breaches in the last year were related to social engineering attacks

  • Phishing is a global issue – source IP addresses in EMEA accounted for 53 % of the world’s phishing attacks

  • Phishing attacks cost business – Over 60% of incident response engagements were related to phishing

  • Phishing affects a range of industries – from manufacturing to finance, and healthcare to technology


  • Improved security posture: better security awareness across all areas of the business

  • Forewarned is forearmed: if staff in your organisation are more suspicious, they are less likely to click on a phishing email

  • Reduces the impact and likelihood of a breach: regular, ongoing education uncovers new areas of risk as they arise


Elasticito offers a comprehensive Cyber Awareness Training service, from simple exercises to identify who reads an email and subsequently clicks the links within it, through to full Cyber Security Awareness baseline. And once the exercise is complete, we work with you to evaluate the results and identify areas for improvement. We also offer ongoing training to help focus your security investment in the right places to reduce risk.


Research Paper


Feel free to conduct your own research and due diligence, but you will find that our expert team at Elasticito has tirelessly evaluated and selected the best and most promising solutions in the market place.  


If you have any questions for us, or if you would like to see a demonstration of any of our solutions, get in touch with our team of subject matter experts by clicking the appropriate button below.

You might also be interested in

Identity As A Service
Orchestration, Automation & Response


To change behaviours and to reduce the chance of your staff being exploited by cyber criminals, cyber awareness training needs to be delivered as part of an on-going programme on a monthly or quarterly basis - not relying on one-time classroom or video based sessions.


However, designing and executing an enterprise wide programme that is relevant for every member of staff can be quite daunting for some.


That is why Elasticito and Wombat Security have teamed up to provide a fully Managed Cyber Security Awareness and Training Programme offering.  For a contract fee, we will design, programme manage, deploy your enterprise wide Cyber Awareness and Training Programme, or share the workload with your own resources, if preferred.  Read our datasheet below for more information.


Phishing - Awareness Training and Sending Phishing Emails Don't Work

Please reload


©Copyright Elasticito 2019. All rights reserved.

  • LinkedIn Social Icon
  • Twitter Social Icon