- The latest Mimecast State of Email Security 2023 report makes for grim reading.
- The global survey of IT professionals found that 92 percent of local firms surveyed had experienced a phishing attack.
- The survey also highlights the growing use of AI and ML to augment security gaps.
The report was compiled following interviews conducted with 1 700 information technology and cybersecurity professionals from companies based in 13 countries. These countries include the US, Canada, the United Kingdom, France, Germany, the Netherlands, Sweden, Denmark, Saudi Arabia, the United Arab Emirates, South Africa, Singapore, and Australia.
Looking specifically at South Africa, Mimecast says that 92 percent of local firms have been the target of a phishing attacked with 60 percent of respondents saying they had noted an increase in phishing attacks.
As phishing attacks are often the jumping off point for wider, and potentially more potent attacks.
“A successful cyberattack can halt productivity, take critical systems offline, lead to financial losses and damage an organisation’s reputation. As a result, organisations are having to continuously evolve their cyber resilience strategies, with the ultimate goal of ensuring everyone in the organisation can work protected,” explains vice president of sales engineering at Mimecast for Europe, Middle East and Africa, Brian Pinnock.
One of the reasons more companies may be experiencing a higher volume of phishing attacks may simply be because of an increase in the amount of emails being received.
The majority of respondents in the survey for the Mimecast State of Email Security 2023 reported that they had seen a 44 percent increase in the volume of emails. By comparison, the global average was 29 percent more than in 2022.
“Eighty-five percent of local respondents said their use of collaboration tools continues to grow and seven in ten believe they pose significant new security risks,” says Pinnock. “The vast majority – 94 percent – of South Africans also agree they need stronger protections than those that come with their Microsoft 365 or Google Workspace applications, with as many as 58 percent saying they strongly agree.”
One of the weak points highlighted by respondents is unfortunately, the human factor. As many as 80 percent of respondents believe that their company’s data is at risk of leaks through careless of negligent employees. However, only 28 percent of respondents train employees on an ongoing basis. While we understand that companies are concerned about employees leaking information inadvertently, these same companies need to understand that employees aren’t going home to read about the latest cyberthreats. Cybersecurity education is a vital component of risk management and ignoring it is dangerous.
“More than half of local companies surveyed said that insufficient employee awareness of cyber threats would be their greatest security challenge in 2023. While virtually all – 99 percent – respondents said they provide some form of cyber awareness training to employees, common mistakes still put organisations at risk. These include poor password hygiene (77 percent), misuse of personal email (81 percent) and using cloud storage and other shadow IT (78 percent).”
One way to lower this risk is by employing machine learning (ML) and artificial intelligence (AI). Half of respondents are including these technologies in their security and 56 percent of these respondents claim the technology improves the ability to block threats as well as provide more accurate threat detection. Additionally, 49 percent of the respondents which make use of AI and ML say they help reduce the rate of human error.
You can read the full Mimecast State of Email Security 2023 report, below.