Enterprise Strategy Group research finds legacy controls unfit to stop sophisticated threats
SUNNYVALE, Calif., May 18th, 2023 – Enterprise Strategy Group (ESG), a leading research and advisory firm, conducted a research survey of 490 IT and security professionals with a focus on the challenges organizations face in securing the abundance of communication and collaboration tools used today. Notably, the study found the majority of organizations use 6 or more communication tools, across channels, with email remaining the channel seen as the most vulnerable to attacks (38%).
Respondents mentioned multi-channel attacks are gaining momentum and frequency. More than half of respondents reported multi-vector, socially engineered attacks happening weekly (36%) or daily (16%). The level of concern is high for attacks evading security controls by leveraging siloed communication and collaboration tools (video conferencing, messaging, and shared calendars, project management / whiteboarding applications, file sharing / cloud storage) outside of email (69%).
According to Dave Gruber, Principal Analyst at Enterprise Strategy Group (ESG), “Organizations' top concerns when it comes to communication and collaboration tools are ransomware, phishing, and malware-based attacks. These threats are not unique to newer collaboration mechanisms and are also common in traditional email communications. This raises the question of whether expanding the use of collaboration tools simply increases the potential attack surface for bad actors. As organizations continue to adopt new technologies, it is crucial that they remain vigilant in their efforts to protect against these threats and ensure the security of their communication channels.”
Despite Maturity, Email Security Still Has Significant Weaknesses
As a result of the survey, 38% of respondents believe email is the channel most vulnerable to threat actors. This emphasizes the high level of risk associated with email communication, and the continued vulnerabilities of legacy security tools when it comes to protecting against sophisticated threats.
- 39% of respondents stated spam/malware and 34% of respondents stated phishing/spear phishing/malicious links evaded security controls
- 27% of respondents stated misaddressed emails slipped past native security layers
- 26% of respondents indicated threats that penetrated security controls included wire transfer fraud, payroll fraud, payment fraud, other BEC attacks
- 23% of respondents indicated internal account compromise/takeover was the result of threats bypassing legacy layers
- 23% of respondents indicated threats resulted in unintentional sensitive data leakage
“Today's threat landscape is already challenging, but with the increasing sophistication of attacks, especially those using AI, it is concerning to see that primary email security solutions continue to fall short in providing the necessary protection," said DJ Sampath, co-founder and CEO of Armorblox. “We know that this lack of protection can have significant consequences, undermining the efficacy, compliance, and reliability of email communication. It's crucial that organizations take the necessary steps to strengthen their email security measures and ensure that they are able to keep pace with the evolving threat landscape, and the rise of AI-powered attacks."
For the full analysis on challenges organizations face in security communication channels, download the ESG report here.
Armorblox secures enterprise communications over email and other cloud office applications with the power of Natural Language Understanding and GPT. The Armorblox platform connects over APIs and analyzes thousands of signals to understand the context of communications and protect people and data from compromise. Over 58,000 organizations use Armorblox to stop BEC and targeted phishing attacks, protect sensitive PII and PCI, and automate remediation of user-reported email threats. Armorblox was featured in the Gartner 2021 Market Guide for Email Security and Gartner 2022 Market Guide for Data Loss Prevention. Founded in 2017, Armorblox is headquartered in Sunnyvale, CA and backed by General Catalyst and Next47.
To learn more about Armorblox, visit www.armorblox.com.
All product and company names herein may be trademarks of their respective owners.