Among organizations with 1,000 or more email users (379 total, 318 in the RSA survey, 61 in the Infosecurity survey), 65 percentof respondents (67 percent RSA, 52 percent Infosecurity) said that their organization had been the target of a spear phishing attack in the past year.
Of this group, only 12 percent(11 percent RSA, 18 percent Infosecurity) do not believe they were the target of a spear phishing attack and the remaining 23 percent(22 percent RSA, 30 percent Infosecurity) reported that they did not know.
Comparatively, organizations with fewer than 1,000 email users (241 survey respondents, 187 in the RSA survey, 54 in the Infosecurity survey) reported fewer spear phishing attacks — 48 percent(53 percent RSA, 30 percent Infosecurity) believe they had been targeted, 33 percent(29 percent RSA, 48 percent Infosecurity) did not and 19 percent(18 percent RSA, 22 percent Infosecurity) did not know.
During the RSA Conference 2013 and Infosecurity Europe 2013 conferences, Proofpoint surveyed a total of 620 professionals with C-level, IT, security and risk/compliance titles (505 of these at the RSA Conference, 115 at Infosecurity Europe) that visited Proofpoint’s conference booth. Using a Web-based survey, respondents were asked about a variety of concerns around spear phishing, advanced targeted attacks and data breaches. Both surveys asked the same questions. This slideshow features the key findings.