The Mimecast Email Security Risk Assessment – Take 2

As promised at the time of our first release of our ESRA results, we are now dropping the second release of our aggregated ESRA test results. And if you are pessimistic about the efficacy of most email security systems and the improving effectiveness of attackers, you won’t be disappointed. But before I get into the details of this latest ESRA report release, let me explain what the Mimecast Email Security Risk Assessment program is all about.

In an ESRA, Mimecast uses its cloud-based Advanced Security service to assess the effectiveness of other email security systems in use by real organizations with their real daily email. An ESRA test passively inspects emails that have already been inspected by the organization’s incumbent email security system and received by their email management system. The Mimecast service re-inspects the emails deemed safe by the incumbent email security system and thus looks for false negatives: missed spam, malicious files, and impersonation emails that the current email security system passed through.

In my earlier blog, which introduced the ESRA program to the world, I asked if it would surprise you that Mimecast overall was seeing a 13.2% false negative rate. Unfortunately, I need to update that number now. The observed aggregate false negative rate is now up to 22.3% of all received emails. Remember, this percentage is measured after the organization’s incumbent email security system has done its work, which is why we refer to it as a false negative rate! And while the vast majority of these false negatives, 99.8%, can be attributed to missed spam, nearly 10.5K emails with malware attachments were also missed across these tests. While missing spam is annoying, missing malware can be very dangerous!

And perhaps the most concerning change observed from the first report to the second was the dramatic increase in the number of likely impersonation-based email attacks that were missed. With just another quarter of executing ESRA tests, the total of missed impersonation emails found by the Mimecast service went from 1697 to 8605, which is more than a 400% increase in that one category of phishing emails. No wonder the FBI reports that Business Email Compromise is now a $5B scam!

Check back with Mimecast in late summer 2017, when we plan to produce our third take of the ESRA tests completed to that date. Unfortunately, I am not expecting good news in that report either!
