Email security stressing cybersecurity leaders

New Egress report also shows that leaders are taking a tough stance with employees caught up in email security incidents.

Posted 17 January 2024 by Christine Horton

Email vulnerabilities continue to plague organisations. A new survey of cybersecurity leaders shows that 94 percent of organisations experienced email security incidents in the past 12 months – up two percent from the previous year.

Inbound email incidents primarily took the form of malicious URLs, attacks sent from a compromised account, and malware or ransomware attachments, according to the Egress Email Security Risk Report.

Turning to outbound email incidents, 91 percent of organisations experienced data loss and exfiltration due to reckless behaviour to ‘get the job done’, human error or malicious exfiltration, amongst other contributing factors.

“The stats in this latest report are truly staggering; 94 percent of companies have experienced security incidents in the last 12 months, and 95 percent of cybersecurity leaders are stressed about email security. Organisations urgently need to adapt their approach, or risk finding themselves in the same position next year,” said Jack Chapman, VP of threat intelligence at Egress. 

Employees face consequences for email security incidents

The impact of an email security incident can be severe for employees and their organisations. Ninety-six percent of surveyed organisations experienced negative impacts from phishing attacks, which is a jump of 10 percent versus last year’s report (when the number sat at 86 percent).

Findings show that leaders are taking a tough stance with employees caught by phishing attacks, with negative outcomes for the people involved in 74 percent of companies. Fifty-one percent of employees caught in phishing attacks are disciplined, 39 percent are fired and 27 percent voluntarily leave their roles.

It is a similar picture with outbound threats, where 94 percent of the surveyed organisations reported being adversely affected, an increase of eight percent from last year’s report. In outbound email incidents, 67 percent of people were disciplined, let go, or chose to leave the organisation. Employees being disciplined was the most common outcome, seen in 51 percent of organisations.

AI a growing concern for cyber risk

AI continues to be one of the industry’s biggest talking points, and cybersecurity leaders are savvy to the effect new tools, large language models, and generative AI could have on phishing attacks. Sixty-three percent are being kept awake at night by deepfakes, and 61 percent by AI chatbots being utilised to create efficient phishing campaigns.

Stolen Microsoft credentials

Microsoft credentials are synonymous with being ‘the keys to the kingdom’, giving cybercriminals the power to move laterally across systems and networks to exfiltrate data and access email accounts to target customers and suppliers with further attacks. 

Findings from the report show that account takeover attacks (ATOs) are a significant concern for cybersecurity leaders as 58 percent of organisations experienced account takeover incidents. Of these, 79 percent began with a phishing email harvesting an employee’s credentials and 83 percent saw multi-factor authentication bypassed before proceeding with the account takeover.

Additionally, more than half (51 percent) of organisations fell victim to phishing attacks sent from compromised accounts within their supply chain in the last 12 months. Cybersecurity leaders are well aware of their vulnerability, with supply chain compromise and ATO their top sources of stress.

Despite the risks, the majority of respondents say training is provided only to meet compliance requirements, with 88 percent acknowledging that they are doing security awareness training (SAT) for compliance purposes.