• by Ray Schultz , August 1, 2018

IT personnel are greatly worried about email phishing attacks. But only 29% say their firms are taking serious steps to prevent them, and a minority — 39% — feel they are spending enough, according to Email impersonation Attacks: A Clear & Present Danger, a study by the Ponemon Institute, sponsored by Valimail.

Worse, 21% are taking no protective steps at all, and 46% are taking some measures.

In addition, 39% do not review their email security plan on a regular basis. However, 28% do so annually, 12% bi-annually and 11% do quarterly.

Only 29% employ DMARC (Domain-based message authentication, reporting and conformance). And 34% provide anti-phishing training to employees.

But 48% are working on DMARC and 57% on starting training programs. In addition, two-thirds would invest in a DMARC solution if they knew it would stop impersonation attacks.  

Moreover, 77% assign a high level of urgency to preventing attacks.

Of the possible email threats, 82% are concerned about hackers spoofing the email domain to hurt the deliverability of legitimate emails. And 80% have general fears about the state of email security at their firms, with good reason. Thirty percent know with certainty that they have suffered a data breach within the last 12 months, and 31% feel they most likely have. Only 17% say it’s not likely. 

Anti-spam and anti-phishing filters are the main solution for preventing email impersonation, despite their “ineffectiveness,” the study states — 69% employ such filters, and 63% use them specifically to block impersonation.

In addition, 56% have secure email gateway technology, 44% use security information and event management (SIEM) technology. 

Among those whose levels of concern are very high, 74% worry about phishing emails directed at employees or executives and 67% as a source of fraud directed against the company. In addition, 66% are alarmed by the prospect of exfiltration of data or infiltration of malware via email.

What would it take for firms to increase their paltry security budgets? Loss of customers would influence most, as shown by this list:

• Concern over potential loss of customers due to a security incident — 65%
• A serious hacking incident affecting your organization — 56% 
• Concern over relationship with business partners and other third parties — 50%
• New regulations — 45%
• Media coverage of a serious hacking incident affecting another company — 23%
• Government incentives such as tax credits — 12%
• Other — 2% 

Meanwhile, 45% say a 20% increase in the budget would improve their detection rate, and 33% that it would increase their prevention rate.

Ponemon surveyed 650 IT and IT security professionals. The companies have over 1,000 employees, six servers and 15 cloud-based services that send email for them.