Phishing attempts are typically like fishing in a barrel — given enough time, a bad actor is 100% likely to reel in a victim. Once they recognize organizations as habitually vulnerable, they will continue to target them and the barrel-fishing cycle goes on and on.
“Bad actors are highly motivated and funded with the sole attempt to be successful at attracting only one victim,” says Johanna Baum, CEO and founder of Strategic Security Solutions Consulting. “[However], as an organization, you are tasked with protecting all potential victims.”
Overlooking or misjudging IT security hygiene greatly increases the susceptibility to an attack. But even if you are following a pristine protocol, have offered training to employees, repeatedly remind staff to verify suspicious communications, and keep up on the latest nefarious campaigns to fool the unwary, your organization is, and always will be, vulnerable.