Incumbent Security Systems Missing Millions of Email Threats
 

We recently announced the fifth in our series of quarterly reports aggregated from our Email Security Risk Assessment (ESRA) testing program.  For those new to these tests, in an ESRA test Mimecast uses our cloud-based email security service, including our Targeted Threat Protection services, to assess the effectiveness of incumbent email security systems in use by individual organizations.  An ESRA test passively inspects emails that have already been inspected and delivered—not blocked—by the organization’s existing email security system.

With an ESRA, the Mimecast service re-inspects the emails deemed safe by the incumbent email security system, thus looking for potential false negatives, such as missed spam, malicious files, and impersonation emails that were passed through by the existing security system for delivery.

Now to the latest ESRA report.

To date, in aggregate, Mimecast has inspected:

• 95,915,659 emails inspected
• 931 days of testing
• More than 165,000 email users
• Live email for 37 organizations covering 20 industries

The false negative rate for all the incumbent email security systems that have been tested to date is 15%, meaning that 15% (or more than 14 million) of the nearly 96 million emails that were allowed through should have been determined to be spam or contain malicious files or an attempt at impersonations. That’s a lot of annoying and potentially malicious email getting through! 

New for 2018’s ESRA quarterly reports, we have broken out the results we have witnessed for two specific incumbent vendors, namely Microsoft Office 365™ and Proofpoint.  Given that together they make up more than 80% of the analyzed emails to date, it made sense to break out the results individually for them.

While no security solution is perfect, I’ll let you determine what you consider to be “good enough” for your organization’s email security!