Our third annual State of Email Security report is here.

GettyImages-693641324.jpg

What is the current state of email security globally? Excellent question. The short answer, per the results of the Mimecast State of Email Security Report 2019 – is not good. Sorry to start this blog on a downer, but I can only provide you the red pill, that is the truth!

Read on to learn more about why I draw that conclusion and how Mimecast recommends you improve your organization’s email security and resilience.

You will want to read the latest installment of the report to get the whole story, compare the trends to your organization, and to draw your own conclusions.

Get more posts like this delivered to your inbox every week. Subscribe to Cyber Resilience Insights today.

While this global survey driven report covers a broad swath of security territory, including email security, awareness training, threat intelligence, and cyber resilience, a few email security related stats jump off the page for me.

They are:

  • 94% of organizations have experienced phishing attacks in the last 12 months. I think the remaining 6% are very lucky organizations! What are they doing to miss this onslaught? If phishing isn’t the most ubiquitous attack vector, I don’t know what is. Imagine if 94% of organizations had experienced other forms of crime. Immediate action would be expected.
  • 65% of organizations saw increased impersonation attacks (business email compromise) year-over-year. Proving that attackers keep changing their attack techniques to keep the money rolling-in, impersonating your CEO, business partner, or well-known internet brand (most often Microsoft Office 365) has exploded in popularity. Why create and plant malware, when attackers can just get victims to send money or other valuable content directly to them?
  • 41% of organizations saw increases in internally-generated email-borne threats. And you thought the primary job of email security was to protect against attacks carried via inbound email. But what do you think cybercriminals do with Office 365, Webmail, or G Suite credentials when they get ahold of them? They use your email traffic and your pwned user accounts against you. And this doesn’t include the risky emails a careless employee might send by accident.

These three statistics are only the tip of the iceberg of what can be found in the latest report. What is the state of email security globally? Check out the complete report and see what you think.

SOES19_blog_footer.jpg

Want more great articles like this?Subscribe to our blog.

Get all the latest news, tips and articles delivered right to your inbox

Matthew Gardiner

by Matthew Gardiner

Director of Enterprise Security Campaigns

Posted May 28, 2019

You may also like:

Dreigingsintelligentie de beste methodes voor slimme IT-afdelingen - Deel 2

Make your organization a harder target f…

Make your organization a harder target for adversaries to cr… Read More >

Joshua Douglas

by Joshua Douglas

VP, Threat Intelligence

Posted May 07, 2019

Is dynamische analyse voldoende om hardnekkige malware-aanvallen te stoppen?

Malware authors are evolving as quickly …

Malware authors are evolving as quickly as the AV and securi… Read More >

Meni Farjon

by Meni Farjon

Chief Scientist for Advanced Threat Detection

Posted May 14, 2019

Reële aanvallen op toeleveringsketens: de cyberkloof overbruggen

Cyberattackers attempted to take down th…

Cyberattackers attempted to take down the US electric grid&m… Read More >

Ed Jennings

by Ed Jennings

Chief Operating Officer

Posted Mar 25, 2019