We’re all getting more stressed about email (opens in new tab) security and the risks malicious messages pose, a new report from Egress has claimed.
According to the cybersecurity firm, 99% of cybersecurity leaders are stressed about email security, mostly being frustrated with Secure Email Gateway (98%). In fact, more than half (53%) worry that too many phishing emails make it past the SEG.
For Jack Chapman, VP of Threat Intelligence at Egress, things are only going to get worse, as cybercriminals are constantly evolving their methods, with the use of AI-powered technologies to draft convincing emails at scale that latest big concern.
Customer and employee churn
Businesses also worry about the consequences of phishing attacks. Customer and employee churn are the biggest negative impact of an inbound email security incident, the report states, adding that almost nine in ten (86%) of surveyed firms were negatively impacted by phishing emails. More than four in five (85%) said a successful phishing attack resulted in an account takeover.
For more than half (54%), customer churn resulted in financial losses, and in 40% of incidents, employees decided to exit the organization. The most popular types of phishing attacks include those involving malicious URLs and attachments, social engineering, and supply chain compromise.
But it’s not just about falling prey to a phishing email. Employees often make unforced mistakes that lead to cybersecurity incidents, and these things are even more common than cyberattacks.
In fact, 91% of cybersecurity leaders said their employees leaked sensitive data via email, with the most common causes being reckless or risky behavior (sending data to a personal account to work remotely), human error (sending out emails with sensitive content to the wrong address), and stealing data (for example, taking data when moving to a different firm).
While traditional SEG technologies are still the cornerstone of every firm’s email security stack, 98% of security leaders are frustrated with their solutions, saying they’re not effective in stopping emails from mailing the wrong people by accident (58%) and in preventing phishing emails from reaching the inbox (53%), and that they’re too time-consuming (50%).