Collaboration Tools: A Double-Edged Sword

While email remains the primary attack vector for bad actors, collaboration tools have become another key front in the cybersecurity wars.

These tools, which include virtual communication platforms such as Zoom and teamwork-enabling software like Google Workspace, Slack, and Microsoft Teams, continue to soar in popularity. Per Gartner, spending on social and collaboration software will reach $14.5 billion in 2023, growing to $24.7 billion by 2027.[1] The team collaboration software segment alone is charging ahead at a compound annual growth rate of 18%, according to another market research firm. Asia-Pacific is the fastest growing market, while North America remains the largest.[2]

Collaboration software quickly became indispensable during the COVID-19 pandemic, empowering workers to share data and resources, assign tasks, and work together remotely. Since then, the growth of these apps has continued to be fueled by the recognition that enabling workplace collaboration and teamwork can have a positive impact on employee engagement and satisfaction.[3]  

The rapid rise of collaboration tool adoption is borne out by Mimecast’s The State of Email Security 2023 (SOES 2023) report, which surveyed 1,700 companies in 13 countries and across 12 industrial sectors. The study’s participants overwhelmingly agree (90%) that collaboration tools are essential to the well-ordered functioning of their companies.

But the IT and cybersecurity professionals who were interviewed are also concerned that the rapid spread and growing reliance on these tools makes them an increasingly attractive target for the criminal set. More than one-third of SOES respondents (38%) indicated that the number of attacks due to collaboration tools is on the rise, while three out of four (75%) believe that the new threats posed by collaboration tools urgently need to be addressed. 

Collaboration Tools: Essential but Risky

Few contemporary businesses can function without the use of collaboration tools, which integrate communications and messaging with project management functions. Designed to provide a central platform for data and document sharing, collaboration software helps businesses encourage virtual teamwork and work more efficiently, especially in the context of today’s remote and hybrid work environments.

Yet two-thirds of the SOES 2023 respondents (67%) say that trying to keep pace with the number of collaboration tools in use at their organization is an overwhelming proposition. Just as concerning, more than half (55%) complain that employees routinely download and use new tools that have not been vetted or approved by IT.

At most companies (82%), the use of these platforms continues to grow, and this has provided an ever-bigger attack surface for cybercriminals to exploit. As noted, more than one-third of the SOES respondents report that the number of attacks due to collaboration tools is on the upswing. Even more tellingly, nearly three-quarters (72%) say it is likely, extremely likely, or even inevitable that their organization will be damaged by a collaboration-tool-based attack in 2023.

It’s not surprising then that three in four SOES respondents say it is a top priority to quickly close the newly created security loopholes created by these platforms. Among respondents at companies where the use of these tools increased significantly during the previous 12 months, this sentiment is even stronger (82%). And it is stronger still among respondents in energy and media and entertainment sectors, where 87% expressed grave concern about collaboration tools and their attendant risks.

Additional Security Required

The SOES respondents also harbor doubts that the security safeguards provided by the makers of the most popular team-building platforms are sufficient, given the extent of the threat. Nearly two-thirds (62%) feel that most native collaboration tool security is inadequate to meet their needs. Almost as many (57%) indicate that their own company’s cybersecurity defenses are incapable of coping with the additional risks posed by these platforms.

It’s also worth noting that when it comes to Google Workspace and Microsoft 365 in particular, nearly all respondents (94%) say that additional security measures are needed to supplement these platforms’ native security functions. 

To improve their defenses, there is a widespread sense that companies need to spend more on collaboration tool security. How much more? According to two-thirds (66%) of the respondents, their organization needs to increase its budget for securing collaboration tools by an average of 14%.

The Bottom Line

Collaboration tools are improving workplace teamwork and employee productivity, and few companies today can make do without them. But such software has also enlarged the attack surface that cybercriminals can exploit. Companies can’t simply rely on the native safeguards built into these applications for protection; they must invest in additional security measures. To learn more about how companies are dealing with the risks posed by collaboration tools download Mimecast’s SOES 2023 report.

[1] ”Social and Collaboration Software to Reach $24.7 Billion by 2027,” Gartner

[2]“Analysis,” Mordor Intelligence

[3] “3 Ways Stronger Collaboration Improves Employee Satisfaction,” Forbes