Report: Native email security systems open doors to vulnerabilities

INFOSECURITY LONDON 2019 – Mimecast (NASDAQ: MIME), a leading email and data security company, today announced the availability of its latest quarterly Email Security Risk Assessment (ESRA), an aggregated report of tests that measure the efficacy of widely used email security systems.¹ The report shows the need for the entire industry to continue to work toward a higher standard of email security.

Many organizations think their current email security systems are up to the task of protecting them from phishing. Unfortunately, many of them fall short and do not keep their organizations safe. The latest quarterly ESRA report shows that many email attacks ranging from opportunistic spam to highly targeted impersonation attacks are getting through incumbent email security systems both in large number and variety. The report found 26,305,457 spam emails, 27,156 malware attachments, 55,190 impersonation attacks and 466,905 malicious URLS, were all missed by these incumbent providers and delivered to users’ inboxes, an overall false negative rate of 11% of inspected emails. 

Impersonation and phishing attacks are becoming a growing problem.  According to the recently launched State of Email Security 2019 report, 85% of the 1,025 global respondents experienced an impersonation attack in 2018, with 73% of those victims having experienced a direct business impact – like financial, data or customer loss. Not only that, but 94% of the respondents said they experienced a phishing attack, with 55% noting an increase in this type of attack year over year. This reaffirms the need for the industry to continue to provide better efficacy in their email protection to help organizations strengthen their cyber resilience to keep their data and communications safer. 

“Today’s threat landscape continues to evolve as cybercriminals adapt their attack methods, particularly email-borne attacks, to evade the detection of traditional security solutions. This is becoming a huge problem for companies regardless of size -- across the globe. The ESRA results offer deep insights so our customers can better understand the types of attacks threatening their business,” said Joshua Douglas, vice president of threat intelligence at Mimecast. “Through better email security, paired with improved security awareness, Mimecast can help customers build a comprehensive cyber resilience strategy that prepares them to take on and defend against both known and unknown cyber threats.”

About Mimecast

Mimecast is a cybersecurity provider that helps thousands of organizations worldwide make email safer, restore trust and bolster cyber resilience. Mimecast’s expanded cloud suite enables organizations to implement a comprehensive cyber resilience strategy. From email and web security, archive and data protection, to awareness training, uptime assurance and more, Mimecast helps organizations stand strong in the face of cyberattacks, human error and technical failure.

¹Specific security policy settings and controls of the incumbent email security system are directly managed by the individual customers of these other vendors.