Phishing Attacks on the Rise
An alarming 94% of global organisations have fallen prey to email security incidents in the past year, with phishing attacks up by 2%, according to a recent cybersecurity report. The repercussions of these incidents have been significant, with 96% of affected companies experiencing operational disruptions, a 10% increase from the previous year.
Account Takeovers and Data Loss: A Growing Concern
The report also highlights the prevalence of account takeovers, with 58% of cybersecurity leaders reporting such incidents. Data loss and exfiltration have similarly risen in prominence, impacting 91% of organisations and often stemming from employee mistakes or malicious intent.
The Human Cost of Email Security Breaches
The consequences for employees entangled in phishing schemes are severe. Disciplinary measures, including job termination, were enforced in 74% of incidents, underlining the gravity with which organisations are treating these breaches.
AI-Enhanced Cyber Threats Spark Fear
With AI becoming increasingly integrated into business operations, 61% of cybersecurity leaders are now concerned about AI chatbots being used in phishing attacks. The fear of deepfakes is also on the rise, with 63% of leaders worried about this emerging threat.
Microsoft Credentials: A Prime Target
Cybercriminals are aggressively pursuing Microsoft credentials, with 58% of organisations suffering from account takeover attacks. A staggering 83% of these incidents saw attackers circumventing multi-factor authentication, revealing a critical vulnerability.
Secure Email Gateways Under Scrutiny
The effectiveness of Secure Email Gateways is being called into question, with 91% of organisations expressing dissatisfaction and 87% considering alternative solutions. Microsoft 365’s native controls and Integrated Cloud Email Security solutions are becoming more popular as companies seek better protection against email threats.
Security Training: Is It Enough?
Despite widespread incidents, the current approach to Security Awareness Training appears inadequate. While 88% of organisations offer training, it is often only for compliance, and rarely tailored to specific departments or individuals, raising doubts about its effectiveness in preventing breaches.
Expert Insight: A Call to Reinforce Defenses
Jack Chapman, VP of threat intelligence at Egress, emphasizes the urgent need for organisations to re-evaluate their email security strategies. He points out the continuous vulnerabilities to phishing, human error, and data exfiltration, urging companies to stay abreast of trends and bolster their defenses accordingly. Chapman warns that without adapting, organisations risk facing the same threats next year.
Conclusion: An Urgent Need for Change
The report serves as a stark reminder of the critical state of email security. With 95% of cybersecurity leaders stressed about email threats, it’s clear that organisations must urgently adapt their strategies to combat the evolving landscape of cyber risks.