Here’s one detail you might not have known about email security: it doesn’t exist.
On the contrary, 61% of all firms fear their businesses will be hurt by email-borne threats this year, according to "The State Of Email Security Report 2019," a study by Mimecast.
And they’re right to worry. For example:
That’s not all. Another 88% saw email-based spoofing of business partners or vendors, and 41% saw an increase in internal threats and data leaks.
This has to erode the trust needed by email marketers to get their messages opened.
Overall, business-disrupting ransomware attacks are up 26% over last year. And 49% of those polled suffered downtime for two to three days, and 31% for four to five days.
“IT decision-makers are losing confidence in their organization’s ability to prevent the worst,” Mimecast states.
The most affected companies were in the finance, manufacturing, processional services and sci/tech industries, in that order, according to the report. Telecoms, agriculture, forestry and fishing and nonprofits were, happily for them, at the bottom of that scale.
Worse, this problem is global. The study reports that 62% of businesses in the UAE were hit by ransomware attacks, as were 61% in the U.S., 60% in Germany, 51% in Australia, 43% in the Netherlands and 39% in the UK.
Here are the harms they endured:
The situation could be improved with better employee training. But it’s not clear that firms have acted on that idea.
Mimecast conducted a phishing simulation at a technology firm with over 6,500 employees.
It found that 12% clicked on the suspicious simulated emails, whereas 76% didn’t. That 12% is frightening, since only one opened phishing email can create havoc.
And it wasn’t as if they studied the email first. Among the 12% who clicked on the emails, 7% clicked in under one second, 3% clicked at 30 seconds and 2% took longer.
The main lessons from this report? We quote Mimecast:
Vanson Bourne, a research firm commissioned by Mimecast, surveyed 1,025 IT decision makers worldwide.