Mimecast’s 2022 The State of Email Security report is out!
As our working dynamic has seen a dramatic shift to a more remote environment, it goes without saying that there has been a profound impact on our IT and security frameworks. Security experts are rapidly identifying and combating arising cyber threats as todays working environment constantly adapts to these changes.
Over the past year there have been drastic rises in cyberattacks, particularly phishing attacks which accounted for 36% of data breaches, with an estimated 96% occurring via email.
Enablis’ email security partner, Mimecast, recently revealed in their latest 2022 email security report that 2021 was the ‘worst year on record for cybersecurity’, with the average ransomware payment soaring to ‘$570,000 during the first half of 2021’, an increase from ‘$312,000 in 2020’.
Mimecast have once again commissioned a global survey consisting of 1,400 State of Email Security (SOES) respondents, consisting of CIOs, CTOs, CISOs, IT Directors and IT Security Directors, IT and SOC managers, and security architects and analysts, to provide useful insights into the current state of email security.
Mimecast's key findings from the report are:
- 98% of companies are either using or plan to use a brand protection service this year.
- 95% of respondents say their cyber resilience has been impaired by insufficient funding.
- Only 23% of companies provide cyber awareness training to their employees on an ongoing basis, but 87% offer it at least once a quarter.
- When faced with a ransomware attack, 64% of companies paid the ransom, yet nearly 4 out of 10 of them failed to recover their data.
- 99% of companies either have a system to monitor and protect against email-borne threats or are actively planning to roll one out.
- 80% of companies are bracing for the fallout from an email-borne attack.
- 96% of companies have been the target of an email-related phishing attempt.
- Email usage rose for 8 out of 10 companies.
- More than 8 out of 10 respondents believe their company is at risk due to inadvertent data leaks by careless or negligent employees.
- Cyberattacks are growing increasingly sophisticated according to 52% of the respondents.
- 96% of companies either have a cyber resilience strategy or are actively planning to put one in place.
- 3 out of 4 companies are receiving an increased number of email-based threats.
- On average, 14% of IT budgets are allocated for cyber resilience.
- 75% of companies were hurt by a ransomware attack, up from 61%.
- To counter brand spoofing, 89% of companies are making use of DMARC or plan to do so over the next 12 months.
Mimecast's 2022 email security report discusses the dire consequences of an email-borne attack and the notable differences in which these threats attack different countries as well as industries, along with ways to identify, prevent and recover from these attacks.
The report also highlights the additional protections Microsoft 365 is in need of, as agreed by 90% of SOES respondents who believe additional safeguards should be explored by the popular platform.
It was revealed that approximately 79% of SOES respondents encountered ‘an MS 365 email outage in the past year’, and 30% characterised those outages as severe.
Here's Top 10 ten report takeaways:
- The cyber threat landscape is dire.
- Everyone has a phish tale — and they’re all true.
- The data thieves are winning.
- Companies are more awake to the need for cyber defense.
- Too many companies are still cyber-unprepared.
- Companies are paying for cybersecurity — but need to pay more.
- Using MS 365 for email is not a cyber resilience strategy.
- AI and machine learning are giving cybersecurity a big boost.
- Don’t blame employees — give them better training.
- No rest for the weary: Online brand impersonation is on the upswing.
To read the full Mimecast 2022 State of Email Security report click here. If you would like to find out about Secure Access Service Edge (SASE) visit the resource centre here.