The majority of IT managers are confident about their email security systems, but email attacks would.
For a study on behalf of Barracuda, a provider of cloud-based security solutions, 660 IT managers worldwide were asked about their experiences with email security, phishing, insider threats, and Office 365. In addition, the associated effects on business processes and the expenditure for IT security, and the costs of security breaches were examined. The study shows that while most IT professionals are more confident about the email security systems they use, email attacks would continue to have a significant impact on business operations.
According to the study, 74 percent of those surveyed state that email attacks have a massive impact on business operations. The most frequently mentioned effects are loss of productivity among employees (49 percent), downtime and operational disruptions (36 percent), and the resulting loss of reputation of the IT team (28 percent). Almost three-quarters of respondents report that they have higher stress levels because they also had to work nights and weekends to solve email security issues. In addition to this, they are also concerned about email security in their company outside of the workplace.
Seventy-eight percent of companies are convinced that costs have increased due to email attacks. Sixty-six percent believe that attacks in the past year caused direct financial costs to their company. Forty-four percent of respondents said that attacks cost their company up to $ 100,000, and 14 percent said attacks were in the range of up to $ 500,000.
Nevertheless, 63 percent of the security experts surveyed believe that their company’s data and systems are even more secure than a year ago. In EMEA, 52 percent believe they are better protected than 12 months ago (America: 64 percent / APAC: 70 percent). However, a lack of security tools to reliably identify threats can also give a company a false sense of security.
Despite the overwhelmingly positive assessment of their defense mechanisms, companies see phishing and ransomware at the top of the list of security risks for which they are not fully prepared. Forty-three percent of companies have been victims of a spear-phishing attack in the past twelve months. In addition to spear phishing, they also see malware, data loss, spam, smishing (SMS phishing), account takeovers, and vishing (voice phishing) as risk factors.
More than three-quarters of companies state that their employees have difficulty or not at all recognizing suspicious emails. Seventy-nine percent of IT experts are worried about attacks and violations that have been initiated within the company. Ninety percent of Office 365 users have significant security concerns, the largest of which are data protection and loss (40 percent), spam and malware (37 percent), and system reliability and downtime (35 percent). In addition, 86 percent of companies consider third-party email security solutions essential to ensure a high level of security.
Due to the widespread use of email-based attacks, IT security professionals need to focus on developing and escalating phishing, ransomware, and other threats and noticeably improve their email security. The measures should go beyond the traditional gateway.
Also Read: How Industrial Cybersecurity Can Contribute To Business Success