Keeping up with Phishing

Discussion Topics

Findings from an April 2021 Research Study

Last year’s abrupt, massive shift to remote work and the ensuing onslaught of cyberattacks triggered a moment of truth for cybersecurity professionals worldwide. Companies were forced to move computing assets to the cloud, sometimes without having time to fully vet the services for not only their cyber risk vulnerabilities, but their supply chain as well. Others obtained security software for their remote workers while still trying to balance other cybersecurity priorities, such as phishing defenses, threat intelligence and protecting remote workers.

An April 2021 CyberRisk Alliance Business Intelligence survey, underwritten by Cofense, highlights the resulting challenges organizations face in keeping up with phishing attacks.

Among the findings:

  • 65% of respondents say phishing attacks at their organization increased since Q4 2020, with a large majority of healthcare (80%) organizations reporting increased attacks. Many (53%) are concerned about the increased effectiveness of phishing attackers over the next 12 months and nearly as many (46%) say they struggle to stay ahead of the volume of phishing incidents. A similar share of respondents (46%) report that most employees at their organization find it difficult to recognize a phishing email or know how to respond to a phishing incident (44%).
  • Phishing attacks alone represented nearly one-third of all cybersecurity incidents in the past 12 months, according to the survey. Underscoring the need for proactive anti-phishing products, 56% of respondents said they experienced ransomware phishing and 54% said they experienced credential phishing, luring them to click on links to fraudulent financial schemes, executive blackmail attempts, fake solicitations from corporate executives and fake corporate website URLs, to name a few.
  • Financial losses are the most common result experienced by phishing victims, reported by 44% of all respondents. But respondents also paid the price of phishing attacks with loss of customer trust (38%), IP/data loss (38%), reputational damage (37%) and regulatory fines (30%). With ransomware on the rise, the repercussions will only get worse.
  • Most respondents (52%) believe responding to phishing is time consuming. Survey results reveal the average time to respond and remediate a phishing incident once it is identified is roughly 1.3 hours, with nearly 13% reporting a response time of 3 hours or more.

This report puts the responses in perspective and offers a course of action – specifically, how to build an effective Phishing, Detection and Response (PDR) framework that integrates technology, people, and processes and assists the security team, senior management and the board in developing processes and procedures to reduce risk, maintain compliance, build a strong business-continuity strategy and provide the structure for remote and local employees to defend against phishing attacks.


The data and insights in this report are based on an online survey conducted in April/May by CyberRisk Alliance among 353 senior-level executives (VP titles and above) in IT, cybersecurity and governance /risk / compliance roles employed at large organizations (with 1,000 or more employees) worldwide (North America, Europe, Middle East and Asia Pacific). Respondents were employed in a variety of industries with most from the financial services, IT/technology, manufacturing and healthcare sectors. The study was underwritten by Cofense.

Survey objectives included identifying organizations’ prioritized cybersecurity strategies concerning phishing defenses, tactics, and focus areas. The survey also explored spending, phishing and malware trends, the number and types of phishing incidents, the impact of phishing attacks. Respondents provided their responses to structured survey questions as well as various open-ended questions.


CRA Business Intelligence is a full-service market research capability focused on the cybersecurity industry. Drawing upon CRA’s deep subject-matter expertise and engaged community of cybersecurity professionals — along with a newly recruited, world-class market research competency — CRA Business Intelligence is unique in our industry.

These components together enable delivery of unparalleled data and insights anchored in our engaged community of cybersecurity professionals and business leaders eager to share their perspective on the market’s most important concerns.

  • CRA Business Intelligence provides:
  • Ground-breaking proprietary research to inform and engage our community
  • Custom research to support strategic product and marketing initiatives
  • Innovative thought-leadership content development and promotion
  • Brand engagement through business activity indexes, interactive tools and assessments, and more


Cofense®, the leading provider of intelligent phishing defense solutions, is uniting humanity against phishing. The Cofense suite of products combines timely attack intelligence on phishing threats that have evaded perimeter controls and were reported by employees, with best-in-class security operations technologies to stop attacks faster and stay ahead of breaches.

prestitial ad