Recent report released by Enterprise Strategy Group (ESG) exposes the inadequate protection that legacy email security solutions provide organizations against evolving cyber threats.
The recently released Armorblox and Enterprise Strategy Group (ESG) report reveals a concerning trend in the inability of legacy email security solutions to effectively protect against a range of threats. Legacy email security solutions lack of capabilities raises concern over the proper ability to protect organizations against a wide range of targeted threats. The ESG report highlights how these primary security controls are falling short: inaccurately stopping spam, malware, phishing, and BEC attacks, a significant belief from respondents that misaddressed emails bypassed primary email security solutions, and lack of trust in legacy tools’ ability to safeguard against accidental or malicious data loss.
Targeted Threats Continue to Bypass Legacy Security Layers
Respondents indicated that spam/malware (39%) and phishing attacks (34%) evaded these primary security controls, indicating that current solutions are not sufficiently equipped to detect and prevent these types of threats. Furthermore, over a quarter of respondents believe misaddressed emails bypassed primary email security solutions, highlighting a weakness in protecting against accidental data loss.
The data also highlights the prevalence of more sophisticated attacks, such as wire transfer fraud, payroll fraud, payment fraud, and other BEC attacks, and suggests the lack of current security measures not keeping pace with the evolving tactics used by cybercriminals –– as over a quarter of respondents believe these attacks were able to penetrate security controls. Also concerning is the percentage of respondents who indicated threats that resulted in unintentional sensitive data leakage and internal account compromise/takeover.
Better Data Leak Protection & Improved Native Email Filters Remain Focus for Organizations of All Sized
The data captured by Armorblox and ESG highlights the top priorities going into the next year for communication and collaboration security controls across organizations.
Smaller organizations are showing a focus on the importance of protecting against both insider threats and external cyber attacks. For organizations with 100-499 employees, 21% of respondents will prioritize improving unintentional sensitive data leakage detection and prevention due to employee error, while 37% will focus on improving spam and malware filtering.
For organizations with 500 - 4,999 employees, (20%) will prioritize the need to improve unintentional sensitive data leakage detection and prevention due to employee error, while 36% will prioritize improving spam and malware filtering.
Interestingly, for organizations with 5,000 or more employees, 30% will prioritize improving unintentional sensitive data leakage detection and prevention, while only 23% will focus on improving spam and malware filtering. It is possible that these organizations already have established security measures in place, or they may have different security priorities altogether.
Protecting against insider threats and external cyber attacks should be a key focus for organizations who are looking to safeguard sensitive data and maintain trust with their customers and stakeholders. Regardless of organization size, these priorities maintain top concerns for implementing better communication and security controls, and improved native email filters remain critical concerns.
