CAMBRIDGE, Mass.--(BUSINESS WIRE)--PiiQ Media is swiftly changing the face of cybersecurity amid the revised remote work environments. With full teams existing outside the perimeter security that used to protect organizations at scale now 90% of corporate data breaches start with a phishing or spear-phishing based attack, exploiting a person rather than a computer system. Yet companies put far less emphasis on preventing employee driven social engineering attacks than they do on traditional IT security. Social engineering and spear phishing represent an easily targeted Achilles heel in organizations’ efforts and policies to mitigate cyber-risk.
Business email compromise (BEC) has jumped over 200% during just the first month of Covid-19 and continues to rise. Phishing attempts are up over 667%. As the holiday season quickly approaches, this marks the peak season of cyber security vulnerability annually. It’s time to start preventing breach attempts instead of attempting to block attacks. Despite industry attempts to block email based attacks the frequency and cost of attacks continue to rise. IBM Cost of Insider Threats 2020 global report found the average breach-cost to companies in 2019 averaged $11.45M. These trends clearly illustrate the need for proactive PII Risk Management.
Enter PQ-Risk’s – CXO product. This SaaS-based solution quickly and comprehensively analyzes an organization's risk posture and provides specific actionable details for who in the organization are unintentionally but unnecessarily propagating risk. Beyond detailing PQ-Risk’s 21+ risk markers weakening the enterprise attack surface, PiiQ Media monitors identified exposure points in social media profiles for red flag indicators. Additionally, PiiQ Media provides the only truly tailored spear phishing training and awareness capability based on the individuals’ exposed personal information identified.
Victims are typically targeted from publicly available, open-source data found on Social Media Sites (SMS) where attention to privacy is often neglected. This exposed open source information known as PII (personally identifiable information) provides bad actors the means to exploit victims in a variety of ways (i.e. credential stealing, malware, ransomware etc.)
What is Social Engineering and Spear Phishing’s impact to Businesses Security?
Combined these tactics compile over 98% of all cyber-attack methods and it is considered successful in the cyber community if these attempts are somewhat contained. There were no automation tools to stop them before they succeeded until PiiQ Media came along. As recently as July ‘20 Twitter announced they were the victims of a spear phishing attack, “A successful attack required the attackers to obtain access to both our internal network as well as specific employee credentials that granted them access to our internal support tools.” Proof that even the most forward-thinking technology companies are not immune to the risks related to social media PII mismanagement and spear phishing attacks.
How does PQ-Risk CXO work? Checkout our explainer video
PQ-Risk CXO provides automated analysis and scoring of digital risks to organizations’ cybersecurity horizon, identifying executive and employee exposure through PII found on social media sites. It identifies where personal data provides a roadmap for a bad actor to exploit personal or corporate attack surfaces through family, friends, interest, locations or email/domain security allowing them to introduce a scam, malware, ransomware or worse.
CXO examines individuals’ publicly available data - the same as hackers do – from major social media sites. This information is not voluntarily provided by employees, rather it exists openly on the web and social media. CXO aggregates this data to create bench-mark risk posture “scorecards”. These scorecards identify areas of PII exposure representing potential risk and can run periodically, enhancing ongoing cybersecurity operations.
Significantly PQ-Risk CXO provides two key differentiators, firstly it is the only solution to successfully aggregate publicly available, profile data across the all five primary social media platforms! Secondly, it has the ability to automatically contextualize a unique spear phishing email based on the assessment results. This is unlike any phishing simulation solution on the market. Each training simulation varies by end users recent activity online, the tool changes tactics as the target generates new information online that details their recent interests and or networks.
About PiiQ Media
Headquartered in Cambridge, MA PiiQ Media is a privately funded, post seed, pre-series A, Data Science and Social Media Analytics company, specializing in SaaS & Cybersecurity solutions while also offering consulting engagement services. In August ‘20 PiiQ Media conducted a Risk Analysis of Fortune 100 Company C-Level Executives using their CXO product. The total analysis of 500 unique social media profiles from these organizations’ top leaders revealed numerous startling trends and Executive PII shortcomings.
Key findings worth mentioning;
- 23% of those F100 leaders used their business email to register and receive personal social media account communication
- 91% have recently breached emails in the past 6-12 months
- 45% of executives are revealing completely exposed passwords!
PQ-Risk CXO represents that “ounce of prevention worth a pound of cure ” and is newly available to increase cybersecurity for not only companies, but their employees PII as well!
PiiQ Media also offers an extensive suite of additional services and solutions to enhance cybersecurity and intelligence needs.