Providers must improve defenses to beat phishing attacks
Through 2020, email-related phishing probes will remain the primary method of advanced targeted attacks to get data from healthcare organizations and other entities, according to Gartner. Effective mitigation of inbound phishing attacks compels chief information security officers to take a multipronged approach that spans technical, procedural and educational controls. Gartner surveys the damage that can be done and ways to mitigate the threat.
Increasing volume and sophistication of phishing attacks are resulting in real financial damage to organizations in both downtime (such as ransomware attacks) and direct financial fraud (such as wire transfers). Phishing content does not always include a malicious payload, making phishing emails increasingly difficult to detect. Phishing attacks against employees have expanded beyond email to include social media, instant messaging, SMS and voice communications.