Blog

  • How to Create a Security Incident Response Plan (CSIRP) – A Step by Step Guide

    In today’s hyper-connected digital landscape, cyberattacks are becoming more frequent, complex, and costly. Ransomware alone caused more than $30 billion in global losses in 2024, and according to IBM’s 2025 Cost of a Data Breach Report, the average breach cost has risen to $4.56 million. Organizations can no longer afford a reactive approach. A Computer Security Incident Response Plan (CSIRP) provides the proactive framework needed to detect, contain, and recover from cyber incidents quickly and effectively.

    For businesses working with the Department of Defense (DoD) or managing sensitive or regulated data, a CSIRP isn’t optional; it’s required for compliance with standards such as CMMC 2.0, NIST SP 800-171, HIPAA, and PCI DSS v4.0.

    An effective CSIRP not only reduces financial and reputational risk but also strengthens organizational resilience and supports regulatory defense in the face of evolving threats.

  • Benefits of SOC 2 Type 2 Certification

    The American Institute of Certified Public Accountants (AICPA) manages several certification programs for service organizations, including software-as-a-service (SaaS) providers. When clients are uncertain about a SaaS company’s data protection measures, obtaining SOC 2 Type 2 Certification provides concrete assurance of trust.

    The key benefits of this certification include increased customer confidence, reduced impact from security incidents, and simplified regulatory compliance.

  • Weekly Threat Report: Three Critical Zero-Day Vulnerabilities

    From edge firewalls to business-critical applications and web browsers, attackers are actively exploiting zero-day vulnerabilities across the digital ecosystem. This week, three high-severity threats have surfaced, exposing core systems to remote code execution and full compromise. Organizations must act quickly to mitigate these risks and secure exposed infrastructure.


  • Top Benefits of Hiring a vCISO

    Cybersecurity leadership is critical to every organization’s success, and that’s where vCISO services make a difference. As data breaches and ransomware attacks rise globally, businesses face billions in losses every year. Cybersecurity Ventures’ 2024 Cybercrime Report projects that cybercrime will cost the global economy $10.5 trillion annually by 2025, up from $3 trillion in 2015. These losses stem from data destruction, theft, fraud, and reputational harm.

    To combat this, governments are tightening cybersecurity regulations, and organizations are turning to virtual Chief Information Security Officer (vCISO) services to strengthen their defenses and meet compliance demands.


  • Phishing Risk by Industry 2025: Benchmarks & Threat Insights

    Phishing Risk continues to dominate the threat landscape in 2025. As attackers evolve their tactics to bypass technical defenses, businesses face a critical question: How likely are employees to fall for a phishing attempt?

    KnowBe4’s latest Phishing by Industry Benchmarking Report 2025 provides a data-driven answer. Based on results from 56 million simulated phishing tests across 55,000+ organizations, the report reveals average Phishing-Prone Percentages (PPP) across industry sectors, company sizes, and regions. Let’s explore the top takeaways and how to proactively reduce your organization’s phishing risk.

    What is the Phishing-Prone Percentage (PPP)?

    The Phishing-Prone Percentage (PPP) is the percentage of users who clicked on a simulated phishing email during testing. It reflects how vulnerable your employees are to phishing before any training.

    In the 2025 benchmarking study, KnowBe4 analyzed simulation results across:

    • 19 different industry sectors
    • 9 geographic regions
    • 3 company size categories

    The findings deliver critical insight into how susceptible specific verticals are, and how well training programs actually work.


    Initial Phishing Risk in 2025: Benchmarking by Industry

    The average baseline PPP across all industries was 34.3 percent, meaning over one in three employees clicked on a phishing link without training. But some industries performed significantly worse.

    Industries with the Highest Initial PPPs:

    • Hospitality – 52.9%
    • Education – 50.2%
    • Pharmaceuticals – 48.2%
    • Healthcare & Medical – 46.9%
    • Energy & Utilities – 45.8%

    These sectors are high-risk because they handle sensitive data, experience high employee turnover, or rely on frequent external communication, all of which increase phishing vulnerability.


    Industries with the Lowest Initial PPPs:

    • Technology – 28.5%
    • Finance & Banking – 29.8%
    • Insurance – 30.1%

    Organizations in these industries tend to have more mature cybersecurity programs and stricter access controls.

    Phishing Risk by Company Size

    Company size plays a role in phishing vulnerability, but not in the way many expect:

    • Small organizations (1–249 employees): More vulnerable due to limited resources
    • Mid-sized organizations (1,000–2,500 employees): Highest average PPP across the board
    • Large enterprises (10,000+ employees): Lower PPPs thanks to stronger governance and layered defenses

    Regardless of size, no organization is immune, especially without ongoing training.

    Training Works: How PPP Drops Over Time

    The most impactful takeaway from KnowBe4’s 2025 report? Security awareness training works, and it works both fast and sustainably.

    Organizations that implemented consistent phishing simulations and training saw a massive drop in PPP:

    Timeline After Training    Average PPP
    Initial Baseline           34.3%
    After 90 Days              17.2%
    After 12 Months            4.6%

    That’s an 86 percent reduction in phishing vulnerability over one year.

    Phishing Tactics: What Lures Are Employees Falling For?

    KnowBe4’s simulations use real-world phishing templates designed to mimic what attackers actually send. The most effective lures in 2025 include:

    • IT alerts: “Password expired. Click here to reset.”
    • Delivery notifications: “FedEx: Your package is delayed.”
    • HR notices: “Policy update: View changes to PTO benefits.”
    • Account security warnings: “Suspicious login detected.”

    These messages rely on urgency, fear, or curiosity, triggering emotional responses before critical thinking kicks in.

    How to Reduce Phishing Risk in Your Organization

    Based on the 2025 benchmark data, here are the most effective strategies for reducing phishing exposure:

    • Invest in Security Awareness Training: Train employees continuously, not just once a year. Tailor content by department and role.
    • Launch Ongoing Phishing Simulations: Test your workforce with simulated phishing campaigns. Use results to identify high-risk users.
    • Measure Your Own PPP and Benchmark It: Compare your phishing-prone rate against KnowBe4’s industry averages to assess your risk.
    • Layer Technical Controls: Use a secure email gateway, DNS filtering, and multi-factor authentication to block phishing payloads and limit the impact of stolen credentials.
    • Build a Security-First Culture: Reward users for reporting suspicious emails and normalize asking IT for help.

    In Closing: Understand the Risk, Train to Prevent It

    The Phishing by Industry Benchmarking Report 2025 underscores a hard truth: technical defenses alone aren’t enough. People are the last line of defense, and often the first target.

    The most at-risk industries in 2025 are those that interact with sensitive data, the public, or third-party vendors. But no sector is truly safe without training.

    Want to benchmark your organization’s PPP and improve employee resilience? RSI Security provides tailored phishing simulation services, role-based awareness training, and advisory to help reduce human cyber risk.


  • Your Web Application Penetration Testing Checklist

    If your organization builds or relies on web applications for critical operations, web application penetration testing is essential. This updated guide follows OWASP’s latest standards and aligns with RSI Security’s risk-informed approach to testing. Regular penetration testing helps organizations uncover vulnerabilities, fix security gaps, and ensure their applications are resilient against evolving cyber threats.

  • What are the SOC 2 Processing Integrity Controls?

    SOC 2 compliance is essential for service organizations that want to prove their security and operational practices meet industry standards. One of the key trust service criteria in a SOC 2 audit is processing integrity. This principle focuses on ensuring that data processing is accurate, complete, timely, and authorized, supported by specific controls across objectives, inputs, processes, outputs, and storage.

    Is your organization preparing for a SOC 2 audit? Schedule a consultation today to assess your readiness.


  • What is the Difference Between a VA Scan and a Pen Test?

    In cybersecurity, identifying vulnerabilities is only half the battle. To build a strong defense, organizations must regularly scan for weaknesses and test their systems through penetration testing. Penetration testing and vulnerability assessments are both essential, but they serve different purposes.

    This guide explains how each works, when to use them, and how they can work together to protect sensitive data and critical systems.

  • Top Cybersecurity Threats This Week: SolarWinds Flaw, Airport Ransomware, Oracle Exploits

    This week’s top cybersecurity threats reveal how attackers are targeting core enterprise systems, critical infrastructure, and trusted internal tools to gain access and disrupt operations. A critical vulnerability in SolarWinds Web Help Desk, a ransomware attack that grounded airport systems across Europe, and stealthy abuses of Oracle Database Scheduler functionality all underscore the evolving nature of today’s threat landscape.


  • Your Guide to Attestation Services and SOC 2 Audits

    Demonstrating a commitment to data security is no longer optional—it’s expected. If your organization handles sensitive data, provides IT services, or operates within regulated industries, you’ll need more than policies in place—you’ll need to prove those controls work. That’s where attestation services governed by the American Institute of Certified Public Accountants (AICPA) come in.
