2021 Email Security Threats and Trends Report
Even though it's been over a year since the onset of the Covid-19 pandemic, businesses are still grappling with the complexity of remote work and growing cyberthreats. These adaptations have been studied by Mimecast, a leading email security partner, and shared in their annual Email Threat Report. This research report, which can be found below, pulled information from 1,225 business and cybersecurity experts across the world.
Here Are the Top 10 Takeaways from Mimecast's Email Security Report:
Understanding the Evolving Email Threat Landscape
Of the myriad insights in Mimecast's threat report, here are the most interesting things we learned:
- The pandemic landscape has been treacherous for email security - Since 2020, email threats have increased by two-thirds. More workforces have become dependent on email, giving cybercriminals a prime target for stealing confidential data. As such, seven out of ten companies are preparing for worse email attacks in the months to come.
- Phishing and BEC attacks are more insidious - Phishing attacks have increased 63% since March 2020, when the COVID-19 pandemic began. Cybercriminals played on people's fears and targeted remote workers distracted by their new work-at-home environments. Because of this, employees have been tricked into clicking on three times as many malicious emails as they used to.
- Collaboration tools caused increased security risk - Since there have been restrictions on traveling and in-person meetings, organizations have begun using collaboration tools such as Zoom to increase productivity and coordinate projects. These tools, however, still pose cybersecurity challenges. Over two-thirds of respondents are concerned about the risks regarding collaboration tools.
- Ransomware is everywhere - More than six out of ten companies were attacked by ransomware last year, which caused disruption and an average of six lost workdays. Among the businesses that were affected, more than half felt the need to pay the ransom. However, only 2/3 recovered their data while the other third, despite paying the ransom, never saw their data again.
- Need for cyber preparedness - In 2020, eight out of ten companies had their business disrupted, had a setback, or suffered a financial loss due to a lack of cyber preparedness. More than 40% of businesses fall short in one or more crucial areas of email security, and 13% have no solutions in place. This is unsustainable, especially while workers are still remote.
- Layered defense is preferred - Many businesses simply rely on the safeguards of Microsoft 365 to protect their business. Though this may be a good approach, it is more effective to have additional layers of email security over what Microsoft 365 provides.
- AI and machine learning are growing in popularity - More than a third of companies use AI and machine learning in their security strategy. This number is higher among companies that have a cyber resistance strategy in place.
- Cybersecurity training needs to be a priority - Seven out of ten organizations believe that careless web browsing can put their business at risk. However, fewer than half provide cyber awareness training once a month. Studies have shown that cyber security training is a low cost-high reward investment.
- Spoofing is becoming more common - Nine out of ten companies are threatened by brand impersonation online, which puts their customers, finances, and reputation at risk. However, more organizations are enlisting specialized services to defend and detect counterfeit emails and websites.
- Cyber resilience pays off - Having a cyber resilience strategy can help businesses adapt and respond to threats, such as ransomware attacks.
Interpreting These Security Findings
Though many organizations added additional security when moving to remote work, there is still much work that needs to be done. Ensuring that you are prepared for a cyberattack to happen at any moment is key. Having a cyber resistance plan in place is extremely important, as well as layering monitoring and AI-based defense software. These proactive solutions, along with routine cyber training, are the best way to keep your employees safe from hackers. To learn more about email security or schedule a free IT consultation, reach out to us now.