Humans Are the Weakest Link in Security

Mike Weber, Vice President, Coalfire Labs

In our recent analysis of penetration testing engagements contained in our Penetration Risk Report, we discuss the impact that social engineering, specifically phishing, has on the ability to allow attackers insider access to compromise an organization.

  • The mistakes of people continue to pose the most significant threat to organizations
  • Midsized firms are four times easier to breach through social engineering, despite demonstrating a better security posture compared to large and small companies.
  • Despite the disparity, all companies are vulnerable to social engineering attacks

For additional details on the research you can download the report.

The infographic below illustrates the findings about phishing used as a primary attack vector to compromise companies, the types of phishing campaigns that yield the most success in getting employees to take an action (click a link, submit credentials) and susceptibility by business size.

Mike Weber


Mike Weber — Vice President, Coalfire Labs

Recent Posts

Post Topics