Email security may not always be
top of mind for marketing teams struggling to drive revenue. But it can affect them — and the entire organization.
And the problem is not going away, judging by Email
Security Risk Report 2024, a study fromEgress.
Of the companies polled, 94% were victimized by phishing attacks within their Microsoft 365 environments in the last 12 months.
That’s up from 92% in the previous year.
The damage from such attacks like those are as follows:
Financial loss from customer churn —
47%
Reputational damage — 42%
Financial loss from regulatory penalties — 34%
Lengthy remediation — 22%
Legal
repercussions, including litigation — 14%
advertisement
advertisement
The top three attack types were:
- Malicious URLS
- Attacks sent from compromised
trusted third-party accounts
- Malware or ransomware
The reason for the breaches?
- Reckless
behavior to "get the job done"
- Human error
- Malicious exfiltration
And while 76% enforce
internal information barriers, 51% have had them breached. Meanwhile, 51% have fallen victim to phishing attacks sent from compromised supply chain accounts.
Among
cybersecurity leaders, 95% are stressed about email security, with these issues keeping them awake at night:
- Deepfakes — 63%
- AI
chatbots — 61%
Of the victims, 58% suffered an account takeover.
Moreover, they have concerns about their traditional
technology:
- Secure email gateway — 91%
- Microsoft — 88%
- Static data-loss
prevention rules — 90%
Among the respondents, 91% are concerned about the effectiveness of their training.
Egress surveyed 500
cybersecurity leaders, including CISOs and CIOs from the U.S., the U.K. and Australia, all of whom used Microsoft 365.