The fourth annual report from Mimecast finds greatest new concern is email and web spoofing.
Mimecast, a leading email and data security company, has unveiled its fourth-annual State of Email Security 2020 report. This report summarises details from 1,025 global IT decision makers on the current state of cybersecurity.
Providing year-over-year comparisons, along with Mimecast’s analysis from the first 100-day period of the Coronavirus public health crisis, the report is designed to both offer valuable insights into recent attack trends organisations are challenged with and to serve as a guide to drive continuous improvement to any organisation’s cyber-resilience strategy.
The findings in this year’s State of Email Security report demonstrate that despite high levels of confidence in respondents’ cyber-resilience strategies, there is a clear need for improvement. The large majority (77%) of global respondents say they have or are actively rolling out a cyber-resilience strategy.
In the United Arab Emirates, 80% of respondents are doing the same. Yet an astounding 60% of respondents in the UAE, and globally believe it is inevitable or likely they will suffer from an email-borne attack in the coming year. UAE respondents cite data loss (54%), a decrease in employee productivity (40%) and business downtime (24%) due to a lack of cyber-resilience preparedness.
“We’re seeing the same threats that organisations have faced for years playing out with tactics matched to world events to evade detection. The increases in remote working due to the global pandemic have only amplified the risks businesses face from these threats, making the need for effective cyber-resilience essential,” said Joshua Douglas, Vice President of Threat Intelligence.
“It’s likely that cyber-resilience strategies are lacking key elements, or don’t have any at all, depending on the organisation’s maturity in cybersecurity. Security leaders need to invest in a strategy that builds resilience moving at the same pace as Digital Transformation. This means organisations must apply a layered approach to email security, one that consists of attack prevention, security awareness training, roaming web security tied to email efficacy, brand exploitation protection, threat remediation and Business Continuity.”
Times are Changing: The threats you can’t see impacting your brand
This latest research comes at a time when organisations across the globe have been forced to adopt remote work policies for employees in response to the Coronavirus pandemic. Threat actors have seized this opportunity and evolved the ways they are targeting their victims. Domain-spoofing and email-spoofing have become mainstream attack vectors, according to the report.
Over half of organisations (54%) surveyed, report anticipating an increase in web or email spoofing and brand exploitation in the next 12 months, and it is a rising concern. In fact, 74% of respondents in the UAE feel concerned about a web domain, brand exploitation, or site spoofing attack, and 80% are concerned about an attack that directly spoofs their email domain.
It is critical for organisations to look beyond their email perimeters to determine how cyberthreat actors may be using and damaging their brands online.
Yesterday’s threats are unwavering year over year
Similar to years past, impersonation attacks, phishing attempts and ransomware continue to be a major problem, according to the research. Seventy percent of UAE report participants said phishing attacks remained flat or increased in the last 12 months and 68% report the same of impersonation attacks. This indicates that phishing is potentially becoming more difficult to stop or prevent due to more advanced tactics like spear-phishing.
Ransomware also continues to wreak havoc, two-thirds of UAE respondents (66%) said ransomware attacks impacted their organisation, citing data loss, downtime, financial loss and loss of reputation or trust among customers.
The need for a strong human defence
The State of Email Security 2020 report also shines a light on the urgent need for a more cyber aware workforce. Encouragingly, 100% of the respondents’ organisations offer security awareness training at varying frequencies and formats. However, 74% of those surveyed reported having been hit by malicious activity spread from employee to employee, pointing to the fact that the format or frequency of these trainings could be the problem.
With frequent, consistent, engaging content that humanizes security, security awareness training is an effective way to reduce risk inside the network and organisation.
Download the full State of Email Security 2020 report.
Top 10 takeaways from the State of Email Security 2020 report – United Arab Emirates
- Leaders are beginning to understand the email perimeter is constantly under attack. The magnitude and scale of possible attacks at the email gateway is of concern to most; 66% of respondents believe it’s inevitable or likely they will suffer from an email-borne attack in the coming year.
- Impersonation, phishing and business email compromise are increasing at a concerning clip. 70% of respondents reported the same or increasing phishing at their organisations, and due to the global pandemic, threat actors are broadly using impersonation and BEC to steal from unsuspecting users. The Mimecast Threat Centre corroborated this assessment – researchers saw a staggering 30% jump in impersonation globally from January to April 2020.
- The effects of ransomware still aren’t improving year over year. More than two thirds of respondents experienced a ransomware attack this year and an average of two days of downtime.
- Monthly security awareness training is the best way to train employees. Encouragingly, 36% of respondents receive training monthly, but many aren’t educating employees according to best practices.
- In the absence of security awareness training, unsafe URL clicks and data leaks will ensue. Mimecast Threat Centre found that employees from companies not using Mimecast Awareness Training were more than 5X more likely to click on malicious links than employees from companies that did utilise the training. The risk these clicks pose is significant: 74% of respondents were hit by malicious activity spread from employee to employee.
- Looking beyond your email perimeter towards online brand protection is a business issue that can no longer be ignored. There’s high awareness of the need to protect your online brand and maintain customer trust, but just because the attacks aren’t visible to you, doesn’t mean they’re not happening. 98% of respondents already use or are planning to roll out a DMARC strategy, but it’s just one piece of the brand protection puzzle.
- Budget ownership for online brand protection may shed light on how quickly an organisation can respond to an attack. Nearly all organisations – 98% – have a dedicated budget for email spoofing, exploitation and impersonation. Who manages the budget, whether it’s the CIO, CISO, CFO, CMO, can vary; what’s critical is the partnership between the budget owner and a savvy cybersecurity leader that leads to the right knowledgebase and tools investment to detect and respond to brand exploit.
- You’re right to have growing concern about web and email spoofing. On average, there are six web or email spoofing attacks per organisation each year – and that’s just what they know about. 54% of respondents anticipate an increase in web or email spoofing in 2020, and around 77% are concerned about direct brand exploitation or email domain spoofing attacks.
- If there’s one thing we all agree on, it’s that cyber-resilience strategies are necessary but still incomplete. The majority (80%) have a cyber-resilience strategy or are actively rolling one out, and respondents told us their strategies are stacked with email security, network security, web security, and data backup and recovery solutions. But respondents are still experiencing data loss (54%), a negative impact to employee productivity (40%) and business downtime (24%) due to a lack of cyber-resilience preparedness.
- When it comes to delivering world-class security, Office 365 needs more cyber-resilience. While 92% of respondents use Office 365 for email delivery, the impact to their organisations following an outage or other security event created a lasting impression of the need to build in greater resilience with components like email security.