Email Security

    State of Email Security 2023: EU Landscape Shifts

    Changes in the volume, variety, and velocity of cyberattacks are increasing European companies’ risk, according to Mimecast’s flagship report on email security.

    by Sander Hofman  

    Key Points

    • Mimecast’s State of Email Security pollsters found a kaleidoscope of cyberthreats and vulnerabilities in Europe this year.
    • Business email compromise is up and ransomware impact is down, but trends could keep evolving amid geopolitical conflict and heightened regulation.
    • Automation and integration are watchwords for the year.

    European businesses are operating within a shifting cyber risk landscape in 2023, complicated by the war in Ukraine, new regulatory requirements, and remote work. EU companies must dodge more and increasingly sophisticated attacks, according to Mimecast’s new State of Email Security 2023 (SOES 2023) report, even as their hybrid work models make them more exposed to threats.

    The percentage of EU respondents citing increases in phishing and business email compromise (BEC) exploits rose again in the past year, following a dip in 2021. At the same time, there was a decline in the percentage of respondents reporting incidences in which ransomware attacks had a significant impact on business operations. The increasing use of collaboration platforms at most businesses has opened them to another angle of cyberattack. And amid the fray, new regulations are entering into force this year, elevating compliance risk.

    These and other EU-level findings from the global SOES 2023 survey frame a discussion about how European companies protect their communications, people, and data from malicious email, the root cause of most cyberattacks. The report is based on a late 2022 survey of CISOs and other IT professionals across 12 industrial sectors and 13 countries, including Denmark, France, Germany, the Netherlands, and Sweden.

    Top-Level SOES 2023 Findings: Another Year of Risk

    More than three-quarters (78%) of EU respondents to the SOES 2023 survey expect to suffer a negative business impact this year from an email-borne attack. While high, that figure has actually dropped from 2022, when it spiked to 86%. Meanwhile, other problems have emerged, including:

    • Sophisticated Attacks: The increasing sophistication of attacks tops the list of European cyber woes, cited by 56% of survey respondents as one of their biggest challenges.
    • More Attacks: Nearly as high on the list of challenges is the sheer volume of attempts, cited by around half of respondents. In particular, the number of respondents reporting increases in phishing with malicious links and BEC rose over the previous year. 
    • Lack of Awareness: Given this onslaught of more, different, and more devious threats, it’s no wonder European respondents are concerned about their employees’ cyber awareness. Just over half (51%) say this is one of their biggest challenges this year, up from 41% last year. This worry is more pronounced in Denmark, the Netherlands, and Sweden, though, than in France and Germany. Perhaps contributing to this concern is the fact that the three Nordic countries experienced more email outages than other countries in the past 12 months.
    • Staff Shortages: European SOES 2023 findings show an intensifying cybersecurity skills shortage that is most pronounced in Sweden. In fact, the hiring squeeze is a global issue for about one-third of all respondents worldwide, though U.K. survey respondents express less concern.
    • Budget Woes: More than one-third of EU companies (35%) feel that one of their biggest challenges is an insufficient cybersecurity budget, on average, though Danish respondents are more likely to note a shortfall (44%).

    Notable Trends: Declining Ransomware Impact but Ongoing War-Related Risk

    EU companies say that ransomware has recently had less of an impact on their business operations. Over one-third (36%) say they suffered significant disruption in the past year due to this form of cyber extortion, compared to nearly half (47%) in 2021.

    Meanwhile, cyberattackers are using the war in Ukraine as a lure in phishing campaigns across Europe, according to the EU Agency for Cybersecurity (ENISA). “It is very likely that we will continue to see similar Ukraine war-themed social engineering attacks (very likely amongst other types of cyberattacks), targeting European governments, civilians, and organizations,” the agency said.[1]

    Ukraine-related attacks appear to come in waves, observers explained. Google’s Threat Analysis Group cautioned against complacency: “We assess with high confidence that Russian government-backed attackers will continue to conduct cyberattacks against Ukraine and NATO partners to further Russian strategic objectives.”[2]

    Boards of Directors to Assume Greater Role

    Corporate boards have been on notice since the EU’s second Network and Information Security Directive (NIS2) went into force in January, with national rules to be implemented in the coming months. While extending cyber regulation to a larger group of companies and sectors, NIS2 zeroes in on the responsibilities of boards and CEOs, saying that they can be held liable for infringements if they do not effectively oversee compliance.[3] 

    The directive also calls for training company leaders in cybersecurity oversight. Switzerland’s Cyber Risk consulting firm summed up this change in risk ownership, saying: “It is a clear requirement from the NIS2 Directive that the board of directors and the CEO must have the knowledge and skills necessary to assess cybersecurity risks, challenge security plans, discuss activities, formulate opinions, and evaluate policies and solutions that protect the assets of their organization.”[4]

    According to Mimecast’s SOES 2023 report, “Risks that senior executives endured a few years ago are now viewed as unacceptable.” Boards’ increasing liability under NIS2 could be reflected in their approval powers over budgeting for cybersecurity. EU survey respondents say that 12.5% of their IT budget, on average, is dedicated to cyber resilience, adding they’d be more confident with spending of about 15%.

    Collaboration Raises Risk

    Nearly nine in 10 European companies find collaboration tools essential to day-to-day operations, with almost as many (82%) saying that their use of these tools for conferencing, file sharing, and other business needs has increased in the past year. 

    But two-thirds report that the native security features in today’s collaboration tools is insufficient. Over three-quarters see this disconnect posing new threats and loopholes that urgently need to be addressed. And the same number expect their company to suffer a negative business impact from an attack involving a collaboration tool this year. Over one-third have already seen a collaboration platform attack that spread across their company.

    Deploying New Defenses: AI/ML and Security Integration

    Nearly half of European survey respondents say they’re using artificial intelligence or machine learning (AI/ML) in their cybersecurity programs today. Around one in three are looking to do so in the coming year, even as cyberattackers use these same tools to accelerate and enhance their own capabilities.

    Those EU companies already using AI/ML say the biggest benefit is a reduced workload for their cybersecurity teams, as AI/ML automates tasks. Other upsides cited include more accurate detection, better threat prevention, and more rapid remediation.

    When it comes to integration, 81% of European survey respondents express a preference for working on platforms that unify disparate tools using application programming interfaces (APIs). Those survey respondents already integrating parts of their programs say they’ve seen a 26% efficiency gain in their day-to-day operations.


    The Bottom Line

    Cybersecurity continues to grow in complexity in Europe. EU respondents to Mimecast’s SOES 2023 survey are seeing more business email compromise, less ransomware impact, more regulation, and unpredictable risk from the war in Ukraine. The bottom line is that nearly eight in 10 European security professionals expect an attack via email or a collaboration platform to harm their business this year. Read the global State of Email Security 2023 report to learn more.



    [1]ENISA Threat Landscape 2022,” EU Agency for Cybersecurity (ENISA)

    [2]Fog Of War: How the Ukraine Conflict Transformed the Cyber Threat Landscape,” Google Threat Analysis Group

    [3]Directive (Eu) 2022/2555 of the European Parliament and of the Council of 14 December 2022,” Official Journal of the European Union

    [4]NIS 2 Directive Training for the Board,” Cyber Risk GmbH

    Subscribe to Cyber Resilience Insights for more articles like these

    Get all the latest news and cybersecurity industry analysis delivered right to your inbox

    Sign up successful

    Thank you for signing up to receive updates from our blog

    We will be in touch!

    Back to Top