As a Hornetsecurity survey shows: 1 in 4 companies suffered from at least one email security breach. 62% of all security breaches are caused by compromised passwords and phishing attacks.
Email security is one of the most important issues for any IT department, and for good reason. Security gaps quickly lead to the loss of sensitive data, operational downtimes and lost sales. In a survey on email security among more than 420 companies using Microsoft 365, Hornetsecurity found that 23%, i.e. every fourth company, has already reported a security breach in connection with emails.
Phishing attacks on top
Of these security breaches, 36% were caused by phishing attacks targeting what is arguably the weakest link in any security system: the end user. The survey was carried out by the Hornetsecurity Group, a leading provider of email cloud security solutions. The provider surveyed companies using the Microsoft 365 platform to understand how they handle email security in an increasingly decentralized work environment.
62% of all security breaches are caused by compromised passwords and phishing attacks
Compromised passwords and phishing attacks accounted for 62% of all reported security breaches. 54% of all respondents said that they have not yet implemented any conditional access rules along with multi-factor authentication. This prevents users from logging into their accounts from unsecured networks.
There seems to be a discrepancy between what organizations expect from Microsoft 365 email security and the reality: while two out of three companies expect Microsoft to protect them from email threats, half of them are engaging Respondents turned to third-party solutions to add to their email security.
Third-party solutions are most effective, with 82% reporting no security issues
Companies that use third-party security solutions reported the lowest rate of email security margins compared to companies that only use the security packages offered by Microsoft 365: 82% of all respondents with third-party email security solutions reported no problems.
68% of companies expect Microsoft 365 to protect against e-mail threats (Image: Hornetsecurity).
In addition, 48% of those surveyed who said they pay extra for Microsoft's Enterprise Mobility & Security E3 or E5 also use third-party solutions. While Microsoft 365's measures to protect email communications are high expectations, most organizations feel that they are insufficient - and the results support that belief.
Organizations with 201-1.000+ employees are most at risk from email security vulnerabilities
74% of all security issues reported in this survey were reported by organizations with 201-1000 employees or more. This is likely due to factors like budget and staffing priorities that don't see digital security as a major concern. Once the workforce exceeds 1.000, the incidence of email security margins drops to 17% - likely due to responses to previous security concerns and the opportunity to invest in more powerful security protocols.
More at HornetSecurity.com
About Hornetsecurity Hornetsecurity is the leading German cloud security provider for e-mail in Europe and protects the IT infrastructure, digital communication and data of companies and organizations of all sizes. The security specialist from Hanover provides its services via 10 redundantly secured data centers around the world. The product portfolio includes all important areas of e-mail security, from spam and virus filters to legally compliant archiving and encryption, to defense against CEO fraud and ransomware. Hornetsecurity has around 200 employees at 12 locations around the world and operates with its international dealer network in more than 30 countries.