51 percent of organizations don t believe they are ready for a cyberattack or breach event. 29 percent of companies that have a plan in place to address such an event have not updated, tested or reviewed that plan in more than 12 months. DNS, rogue employees and phishing/social engineering should be top of the list of threat areas for organizations to address. Security professionals must understand the pathways to look for, and the key positions where hackers are trying to gain a foothold. Phishing attacks account for 90 percent of all data breaches and have skyrocketed last year.
Source: https://threatpost.com/three-areas-focus-cyber-plan/150572/