However, the cost of not investigating phishing incidents is even higher, according to security firm Agari, at £6.3m for the average US firm.
The 2018 Verizon Data Breach Incident Report indicates that phishing represents 93 per cent of all breaches investigated — with email as the main entry point in 96 per cent of cases.
“Many organizations’ security operations teams report that their work around investigating suspected phishing emails is heavily repetitive and requires many meticulous steps, such as checking multiple blacklists and different IT systems within the company,” said analyst Anton Chuvakin from Gartner Research.
The firm said training end users to identify and report phishing emails is a challenging, time-consuming and error-prone process for both end users and security operations.
“Many businesses accumulate tens of thousands of user-reported phishing incidents per year, which have a 50 per cent false positive rate. These reports take an average of 5.9 hours per phishing incident to analyze and require complicated manual processes involving multiple tools to remediate,” it added.
The software can be integrated with Microsoft Office 365 to automatically remove all phishing emails from user inboxes.
Agari said its software provides detailed impact analysis — including URL, attachment and sender forensics — enabling security teams to ignore false positives and cut phishing incident response times.
A centralized dashboard records breach containment metrics and measures reductions in phishing incident response times, so security teams can demonstrate a positive return on investment.