The Current State of Email Security 1
The Current State of Email Security The Current State of Email Security 1
Table of Contents
SECTION 01 State of the Industry...... 02
SECTION 02 External Threats...... 05
SECTION 03 Internal Threats...... 19
SECTION 04 Protect Your Organization and Reduce Risk...... 28 The Current State of Email Security 2
State of the Industry State of the Industry The Current State of Email Security 3
Today’s businesses rely heavily on email to Concerns Posed by communicate with clients, partners, and Different Email Threats colleagues. But research suggests that % Who Ranked them in their Top 3 Concerns organizations are lacking when it comes to protecting themselves against the increasing Has Direct Experience No Direct Experience number of customized and complex attacks. With Hack With Hack
Viruses IT security pros 51% without direct hack When polled by Mimecast, 83% of IT security experiences are more 65% likely to rank viruses managers said they see email as a primary and malware among Malware their top three email source of attack, yet 65% claim they aren’t fully 51% security concerns... equipped to resolve the risks associated with 64% email threats. Respondents’ perceptions of Spam primary security threats also appeared to change 31% 32% based on having experienced a successful Insider Threat/Employee Data Leakage breach. However, viruses, malware, spam, and 34% insider threats remain the top concerns for 29% both groups, both with and without breach Financial Fraud/419 Crime experience. 24% 27%
Similarly, security vendor Proofpoint reports that Spear-Phishing 21% email continues to be the primary threat. In the 25% first quarter of 2016, malicious email volume Ransomware increased by 66% from the previous quarter, with 20% attachments as the preferred delivery method 24% Social Engineering over embedded links. ...while those with 24% recent, direct 15% experience are more likely to be Offensive/Inappropriate Content concerned by social engineering and 20% other threats. 11%
Cyberbullying and Harassment 24% 10%
“Business Email Threat Report,” 2016, Mimecast State of the Industry The Current State of Email Security 4
Thanks to cloud computing and ubiquitous Today, mitigating security risks requires that broadband, today’s employees can usually send companies take a holistic approach to finding the and receive email from any location and from right solution by considering the mindset of the any device—both a blessing and a curse. This attacker, the various threats present, and current complicates email security, as any feasible solution trends. Whether your chosen email solution is must cater to multiple platforms and devices. located in the cloud or on-premises, assessing both external and internal threat risks is essential. Hackers are professionals at what they do, and they don’t follow any set rules. In addition to This report explores email security threats’ most more common security threats, email is often a common delivery methods and identifies their vehicle for more sophisticated attacks. Phishing, risks to your organization, offering effective for example, uses email to gain network entry, solutions to both internal and external threats which could lead to malware installations, and how to implement them. credential theft, and more. While email remains a primary threat, we cannot ignore that email security must be part of a larger cybersecurity defense policy.
Birth and Rebirth of a Data Breach
Email in