We all get more stressed about email (opens in new tab) security and the risks posed by malicious messages, claims a new report from Egress.
According to the cybersecurity firm, 99% of cybersecurity leaders are stressed about email security, with most frustrated with Secure Email Gateway (98%). In fact, more than half (53%) are concerned that too many phishing emails are passing the SEG.
For Jack Chapman, VP of Threat Intelligence at Egress, things are only going to get worse as cybercriminals continually evolve their methods, using AI-powered technologies to craft persuasive emails at the scale of that last big problem.
Customer and employee turnover
Companies are also concerned about the consequences of phishing attacks. Customer churn and employee turnover are the biggest negative impact of an inbound email security incident, the report states, adding that nearly nine in ten (86%) of companies surveyed were negatively impacted by phishing emails. More than four in five (85%) said a successful phishing attack resulted in an account takeover.
In more than half (54%), customer churn led to financial losses, and employees decided to leave the organization in 40% of incidents. The most popular types of phishing attacks are malicious URLs and attachments, social engineering, and supply chain compromise.
But it’s not just about falling victim to a phishing email. Employees often make unforced mistakes that lead to cybersecurity incidents, and these things are even more common than cyberattacks.
In fact, 91% of cybersecurity leaders said their employees have leaked sensitive data via email, the most common causes being reckless or risky behavior (sending data to a personal account to work remotely), human error (emails with sensitive content to the wrong address) and stealing data (e.g. taking data with you when moving to another company).
While traditional SEG technologies are still the cornerstone of any company’s email security stack, 98% of security leaders are frustrated with their solutions, saying they are ineffective at preventing emails from being accidentally sent to the wrong people sent (58%) and in preventing phishing emails from reaching the inbox (53%), and that they are too time consuming (50%).