sb-nz logo
Story image

Rising costs of email attacks concerning for organisations


A new report from security solutions firm Barracuda has revealed email attacks are having a major impact on businesses, with ever-evolving security concerns proving a challenge for IT security professionals. 

The report, titled 2019 Email Security Trends and commissioned by Barracuda, surveyed global IT stakeholders to capture their experiences and attitudes about the current state of email security.

The survey includes responses from 660 executives, individual contributors and team managers serving in IT-security roles in the Americas, EMEA, and APAC. Companies surveyed include small, mid-sized, and enterprise businesses in technology, financial services, education, healthcare, manufacturing, government, telecommunication, retail, and other industries. A wide range of questions captured hard data about phishing, insider threats and Office 365, as well as the related business impacts, security spending and costs of breaches. 

It found 74% of respondents say email attacks are having a major impact on their businesses, while 78% of organisations say the cost of email breaches is increasing.

The report revealed spear phishing is widespread, with 43% of organisations have been the victim of a spear-phishing attack in the past 12 months.

Notably, more than three-quarters of organisations say their employees aren’t good at spotting suspicious emails.

Overall, the study indicates that while most IT professionals are more confident about their email security systems than they were a year ago, email attacks continue to have a significant impact on businesses. 

The report shows email attacks are having a direct business impact, and impacting the personal lives of IT security professionals, with 74% of respondents said that email attacks are having a major impact on their businesses. 

The most common effects cited were loss of employee productivity, downtime and business disruption, and damage to the reputation of the IT team.

Nearly three-quarters of respondents reported experiencing higher stress levels, worrying about potential email security even when they’re not at work, and being forced to work nights and weekends to address email security issues.

The report founds phishing and ransomware are top concerns, with 43% of organisations have been the victim of a spear-phishing attack in the past 12 months.

Meanwhile, breach costs and monetary losses are on the rise, with 78% of organisations said that the cost of email breaches is increasing, and 66% claimed that attacks have had a direct monetary cost on their organisation in the past year. 

Nearly a quarter of respondents advised that attacks have cost their organisation $100,000 or more.

According to the research, employees remain a major weak link in an organisation’s security defenses. More than three-quarters of organisations said their employees aren’t good at spotting suspicious emails.

There are growing concerns about insider threats and Office 365, the report says, with 79% of IT professionals said they are worried about attacks and breaches stemming from inside the organisation, and 92% of Office 365 users have security concerns

Based on the success and proliferation of email-based attacks, IT security professionals will need to stay focused on the evolution and escalation of phishing, ransomware, and other threats and improve email security that goes beyond the traditional gateway. 

Story image
Over a third of New Zealanders fell victim to cybercrime in the last year
"As we connected to the internet for everything from work and school to entertainment, social connection and even groceries, cybercriminals took advantage and launched coordinated attacks and convincing scams."More
Story image
Major firms disclose breaches in the wake of SolarWinds attack
Microsoft, Shell, GoDaddy, MobiKwik — these are just some of the high-profile company's on the receiving end of sophisticated attacks, writes Bitglass senior director of marketing Jonathan Andresen.More
Story image
Kroll completes Redscan acquisition, expands cyber risk portfolio
With the addition of Redscan and its extended detection and response (XDR) enabled security operations centre (SOC) platform, Kroll expands its Kroll Responder capabilities to support a wider array of cloud and on-premise telemetry sources.More
Story image
Attivo Networks expands Active Directory suite for greater protection
"We see Active Directory exploitation used in the majority of ransomware, insider and advanced attacks. We are pleased to now offer our customers early and efficient solutions for preventing the misuse of Active Directory.”More
Story image
Dell Technologies unveils new data protection innovations for hybrid cloud workloads
The Dell EMC PowerProtect Backup Service, powered by Druva, is designed to deliver SaaS app protection without increasing IT complexity.More
Story image
Remote work continues, and endpoint security cited as a must
Nearly half of workers will stay remote after the pandemic ends, and two out of three IT professionals are concerned with endpoint misuse, according to Prey Software's new study.More