- Email security threats are pervasive, 87% said their company faced an email-based security threat in the past year.
- Ransomware is a concern, more than 1/3 said they have already experienced an attack.
- Phishing simulation and social-engineering detection were identified as the most beneficial email-security training capabilities.
The study includes responses from 634 executives, individual contributors and team managers serving in IT-security roles in the Americas, EMEA and APAC. Organizations surveyed include small, mid-sized and enterprise businesses in technology, financial services, education, healthcare, manufacturing, government, telecommunication, retail and other industries.
A wide range of questions captured hard data about ransomware, phishing and other threats, as well as the related business impacts, prevention efforts and email-security capabilities most beneficial for stopping attacks.
The study indicates that email threats continue to increase
Overall, the study indicates that email threats continue to increase and the impact on staff and productivity is escalating. The vast majority of IT professionals believe that end-user security awareness training programs are a vital pre-requisite to help mitigate threats and improve email security. Highlights include:
- Email security threats are pervasive.
- 87% of IT security professional said their company faced an attempted email-based security threat in the past year.
- The threat of ransomware is a concern for 88%.
- More than 1/3 have already experienced an attack.
- More than 90% said email archiving is critical, citing a variety of business benefits.
- Maintaining an audit trail for compliance purposes, investigating suspicious activity and cutting costs for e-discovery requests were the top reasons.
- Larger businesses are more concerned about Office 365 email security; smaller businesses are less concerned. While the differences are fairly minor, this could be because larger companies have more data at risk in Office 365, due to having broader deployments rolled out that include SharePoint, OneDrive and other applications.
- There’s a strong consensus of opinions about employee training and its effect on email-based security.
- 100% said end-user training is important to prevent attacks!
- Phishing simulation and social-engineering detection were identified as the most beneficial email-security capabilities.
- 98% said there are better ways to train employees so than traditional classroom-style education, including customized examples that are relevant to an employee’s department and role, unscheduled simulations of typical attacks, training modules that can be done at the employee’s convenience, and rewards for taking the right actions.
Email threats continue to become more targeted, making a multi-layered approach critical in successfully protecting targeted employees, applications, and data.
Old School Security Awareness Training does not hack it anymore…
Today, your employees are frequently exposed to advanced phishing and ransomware attacks. Your users are the weak link in your IT security. Find out how affordable new-school awareness training is. Get a quote now.
Don’t like to click on redirected buttons? Cut & Paste this link in your browser: https://info.knowbe4.com/enterprise_get_a_quote_now?
Based Blockchain Network