• by Ray Schultz , August 16, 2021

Companies are wide open to email security breaches, judging by a new study from Hornetsecurity. 

Of businesses surveyed, 23% have suffered an email-related security breach. And 36% were caused by phishing attacks targeting the weakest point in the security ecosystem: The end users. 

Hornetsecurity focused on firms using the Microsoft 365 platform. 

It also found that 62% of all data breaches are caused by compromised passwords and phishing attacks.

User-compromised passwords and phishing attacks were the reason for 62% of all security breaches reported. 

In another depressing finding, 54% of all respondents say they have yet to implement Conditional Access rules along with Multi-Factor Authentication, the latter being a practice that prevents users from logging into their accounts from unsecured networks.

Moreover, 33% have yet to implement Multi-Factor Authentication across all users.

In addition, while 68% expect Microsoft 365 to keep them safe from email threats, 50% use third-party solutions. And 82% of those that use third-party tools report no breaches. 

Meanwhile, 74% of all security breaches were experienced by companies that have between 201 and 1000 employees. But the incidence falls to 17% among firms larger than that, probably because such companies have invested in more robust security protocols in response to prior concerns.

Hornetsecurity surveyed over 420 businesses.