Alarming results of phishing tests in Czech companies and institutions: cybersecurity is seriously compromised

In the last two years, BOIT Cyber Security has conducted phishing tests on more than 60 Czech companies and institutions. The results of these tests are alarming and show that cyber security in the Czech Republic faces serious challenges. The tests showed that the average success rate of simulated phishing attacks reached 18%, with success rates of up to 30% in some sectors such as schools.

Shortcomings across sectors

“The phishing tests we conducted revealed significant security weaknesses across a variety of sectors, including government institutions, private companies and healthcare facilities. The results are alarming and point to the need for an immediate solution,” says Pavel Matějíček, CEO of BOIT Cyber Security.

Shocking attack success rate

Of the 18,135 phishing emails sent, an average of 26% of users opened the fraudulent site, with a median of 24%. Schools are the most at risk group, with an average phishing success rate of 30%. For government institutions, the figure was 21%, while private companies had an average attack success rate of “only” 17%. The lowest phishing success rate was recorded for hospitals, where it reached 7%.

Schools and government institutions at risk: easy targets for attackers

The results clearly show that the most vulnerable sectors are schools and government institutions. The average success rate of phishing attacks in schools is as high as 30%, demonstrating the critical need to improve cybersecurity in this sector. Public institutions, which saw an average success rate of 21%, also need to improve their security to reduce the risk of successful attacks.

Is there hope?

From the results we can clearly say that improving cyber security is absolutely key to minimising the risk of successful phishing attacks. Companies and institutions should prioritize the implementation of multi-factor authentication (2FA), which significantly increases the level of protection for access to sensitive information. Another important step is to regularly educate employees on cybersecurity so that they are aware of the risks and can identify potential attacks. Implementing modern security technologies such as advanced filters to detect phishing emails and monitoring suspicious behaviour can further help protect against attacks. It is essential that organisations invest in robust security measures and create a culture that emphasises safe behaviour in the digital environment.

About BOIT Cyber Security

BOIT Cyber Security is a leading Czech company specializing in cyber security. It provides comprehensive services in the field of protection against cyber threats, including conducting phishing tests, employee training and provider of retraining courses. With years of experience and expertise, it helps companies and institutions improve their resilience against increasingly sophisticated cyber attacks.