Third Annual State of Email Security Report Reveals a Major Increase in Targeted Attacks Like Impersonation Fraud, Spear Phishing and Business Disrupting Ransomware.
Mimecast a leading email and data security company, has unveiled its third-annual State of Email Security report. The report includes insights from 1,025 global IT decision makers, including the UAE. As cyber-criminals continue to use email as a primary vehicle to steal data and deliver advanced threats, the results of this research provide valuable insights and trends around what’s affecting organisations the most and how they can improve their overall security posture.
Social engineering attacks are a rising concern for organisations because they’re often one of the most difficult to control. Most notably, the report found that in the UAE impersonation attacks increased by 75%, with 77% of those organisations impacted by impersonation attacks having experienced a direct loss, specifically loss of customers (23%), financial loss (21%) and data loss (40%). Phishing attacks were the most prominent type of cyber-attack, with 94% of respondents having experienced phishing and spear phishing attacks in the previous 12 months, and 75% cited seeing an increase in phishing attacks over the same time period.
Not only are email-based attacks on the rise, but they’re affecting how confident people are in their organisation’s cybersecurity defences – and ultimately the ability to do their jobs. According to the report, 39% believe it is likely or inevitable their organisation will suffer a negative business impact from an email-borne attack this year. The report also found that almost a third (62%) encountered a ransomware attack that directly impacted business operations. Fifty-eight percent of UAE respondents noted having downtime for two to three days, whereas 29% experienced downtime for four to five days.
Josh Douglas, vice president of threat intelligence at Mimecast, said: “Email security systems are the frontline defence for most of attacks. Yet, just having and providing data on these attacks is not what creates value for most respondents.
“Survey results indicate that vendors need to be able to provide actionable intelligence out of the mass of data they collect, and not just focus on indicators of compromise which would only address past problems. The Mimecast Threat Analysis Centre was also able to identify the top five industries being impacted by impersonation attacks which closely aligned with the findings in the report. Financial, Manufacturing, Professional Services, Science/Technology as well as Transportation Industries are top targets globally. Understanding these key pain points helps organisations build a more comprehensive cyber resilience plan.”