A recent survey focused on security and IT professionals from around the world to understand the threats their organizations face today. The findings highlight that cyber criminals frequently target individual employees within businesses to gain access to sensitive information.

Among various forms of attacks, phishing proved most damaging with 40% of respondents confirming that they experienced phishing attacks in 2016, including instances of spearphishing and whaling.

About one-third of the participants reported dealing with malware-less threats that infiltrated their organizations, affecting IT systems and increasing the workload on IT staff. Scripting attacks were identified as the most common type of such incident, whereas credential compromise or privilege escalation caused the greatest impact among these threats. The survey revealed that few of the threats were new zero-day vulnerabilities, with 76% of security professionals admitting that fewer than 10% of significant threats they encountered were zero-day.

Notably, users are both the main targets and integral part of the solution in addressing these attacks. According to the survey, 37% of respondents noted that calls to the help desk helped them uncover some of the most impactful threats.

The complete results from the 2017 Threat Landscape survey will be made available on August 15, 2017.