Monday, 8 February 2021

The State of Email Security Update

Mimecast has released its annual state of email security report. So what should we be doing to protect ourselves from the current attack vectors?

At the end of last year, security company Mimecast released the latest version of its annual state of email security report – and it revealed some worrying findings. What should organisations be doing to protect themselves from the current attack vectors?

In this year’s report(1), Mimecast highlights how the security threats that businesses are trying to deal with this year have changed because of the COVID-19 pandemic.

It points out that many global corporations have been forced to adopt remote working policies for office-based employees to ensure the safety of the workforce during the COVID-19 pandemic, and that threat actors have followed them home – adding new layers of complexity to email security.

How has COVID-19 affected the security landscape?

The Mimecast report identifies a 30 percent increase in impersonation fraud in the first 100 days of COVID-19. And 72 percent of respondents said they had experienced an increase in phishing attacks at their organisations.

Unfortunately, this increase corresponds with a wider rise in cybercrime activity. Last month, another cybersecurity solutions firm – Akamai – reported that DDoS activity had skyrocketed(2) when COVID-19 hit. As part of this increase in attack activity, attackers broadened their scope of potential targets and turned to extortion campaigns.

This indicates that those responsible for cyber security in their organisations need to be raising their game across the board, not just where email is concerned.

How are organisations being impacted?

The Mimecast survey also unearthed some worrying statistics about the impact of cyber-attacks:

• 82 percent of organisations said they have experienced downtime as the result of an attack.

• Following a ransomware attack, organisations typically suffer three days of downtime.

• 60 percent of respondents’ organisations were hit by an attack that spread internally from an infected user to other employees.

The main impacts of a successful attack are data loss, a reduction in employee productivity and business interruption or downtime.

Why are organisations reporting problems?

Perhaps more worryingly, the survey found that surprisingly few organisations are working actively enough to protect their email systems – and, ultimately, their businesses.

• On average, only six out of ten organisations said they had some kind of security system in place to protect their data or employees in internal and outbound emails.

• Nearly a third of respondents – 31 percent – reported a data loss that stemmed from a lack of cyber resilience preparedness.

• More than half – 55 percent – do not provide cyber-security awareness training on a frequent basis.

Given these gaps, it is perhaps not surprising that the survey found the level of impact it did.

How should organisations respond?

So what of the future? Mimecast reports that 60 percent of organisations believe it’s ‘inevitable’ or ‘likely’ they will suffer from an email-borne attack in the coming year.

To deal with such an attack, the survey authors’ recommendations to reduce the potential for its success are two-fold:

• a comprehensive email security system

• regular email security awareness training for all staff

First, the survey authors say “it’s critical for organisations to implement a security system for protection against:

• data leaks in internal-to-internal emails,

• data leaks or exfiltration in outbound emails, and

• malware and malicious links in outbound email.”

Furthermore, they argue that a “frequent, consistent, engaging cybersecurity awareness training programme” is needed. They suggest that training should happen on a monthly basis – that’s the “gold standard”.

However, the survey found that fewer than 21 percent of respondents are offering training on a monthly basis, and some 17 percent of respondents said staff are trained only once a year.

How worried should your organisation be?

It’s clear that cybercrime activity has spiked over the last 12 months. As the activities of our daily and working lives have moved online, so criminal activity has followed us online too.

However, this isn’t necessarily a reason for concern. Home working presents many challenges for IT leaders, but there are solutions available. Remote device management and integrated security management for cloud-based email solutions offer significant opportunities to strengthen the remote working security posture. But they need to be in place and set up correctly.

As well as optimising their use of these systems, organisations need to maintain staff security awareness training – even for staff when they are working from home – so they are prepared to successfully meet the challenge.

Working with a trusted partner to help you configure the appropriate security solutions is essential. This partner can also help with advice about how you can tighten up your policies and advice to staff too.

As a first step, you can reach out to the Grant McGregor team for help and advice. We’ve been working with our clients throughout the pandemic to help strengthen their security postures while responding to the need for remote working.

 

Our strategic partner, KnowBe4, has a powerful tool that can reveal your risk – showing you how many of your users may be using compromised credentials.



Sources:
1. https://www.mimecast.com/state-of-email-security/

2. https://searchsecurity.techtarget.com/news/252495371/Akamai-Extortion-attempts-increase-in-DDoS-attacks