IT Brief New Zealand - Technology news for CIOs & IT decision-makers
Story image
Network and security IT primary target for phishing attacks
Wed, 22nd Dec 2021
FYI, this story is more than a year old

New research commissioned by OpenText reveals that concerns about phishing attacks is significantly increasing among IT and cyber security decision-makers, especially those at larger companies.

New data collected from IT and security executives and decision makers across North America, Europe and Asia-Pacific gauged the awareness of and experiences with phishing attacks, levels of concern, business impacts, and mitigation challenges at small to midsize organisations.

The results highlight the growing importance companies need to place on ensuring their entire supply chain operates efficiently and has safety precautions in place to mitigate phishing attacks.

Key Survey Highlights across APAC Include:

  • IT divisions were the primary target (55%) of all phishing attacks, with web services (31%), customer service (22%) finance (15%), and CEO/Board/Top Executives (15%) rounding out the top five
  • The level of concern regarding phishing threats is felt the most in APAC with 66% of respondents revealing they are very concerned, followed by 31% feeling somewhat concerned.
  • 47% of APAC respondents are more likely to indicate employees are only somewhat prepared to combat phishing compared to other regional counterparts. While 44% APAC respondents indicated training investment increased and an additional 47% indicated security awareness training program is very effective. 
  • APAC respondents are the most likely to indicate sensitive data has been exposed due to phishing at 41% compared to North America (29%) and Europe (26%). With an additional 47% of APAC respondents more likely to report experience with search engine phishing.

"Attackers go where the opportunity is, which explains why IT departments, top executives and finance groups remain common targets," says Prentiss Donohue, EVP SMB/C Sales at OpenText.

"While we aim to get as close 100% as possible, it is unrealistic to expect that no employee will ever click on malicious links or fall for increasingly sophisticated and well-crafted phishing emails," he says.

"This makes it vital for organisations to deploy a multi-layered approach to protect against the newest threats."

 Protecting against phishing attacks is a top priority among those surveyed. In order to address these challenges, 87% of organisations are mandating security awareness training with 65% backing up email and collaboration data so its recoverable after an attack. Almost 61% of these companies are deploying endpoint security as a phishing defence mechanism.


This research was conducted by IDG in September 2021. Commissioned by OpenText, 300 IT decision makers were anonymously surveyed globally, equally divided among North America, Europe and Asia-Pacific (Japan and Australia).

OpenText, The Information Company, enables organisations to gain insight through market leading information management solutions, powered by OpenText Cloud Editions.