Barracuda today announced key findings from a new global research report. Here are the highlights:
- Email security threats are pervasive, 87% said their company faced an email-based security threat in the past year.
- Ransomware is a concern, more than 1/3 said they have already experienced an attack.
- Phishing simulation and social engineering detection were identified as the most beneficial email-security training capabilities.
The study includes responses from 634 executives, individual contributors and team managers serving in IT-security roles in the Americas, EMEA and APAC. Organizations surveyed include small, mid-sized and enterprise businesses in technology, financial services, education, healthcare, manufacturing, government, telecommunication, retail and other industries.
A wide range of questions captured hard data about ransomware, phishing and other threats, as well as the related business impacts, prevention efforts and email-security capabilities most beneficial for stopping attacks.
The study indicates that email threats continue to increase
Overall, the study indicates that email threats continue to increase and the impact on staff and productivity is escalating. The vast majority of IT professionals believe that end-user security awareness training programs are a vital prerequisite to help mitigate threats and improve email security. Highlights include:
- Email security threats are pervasive.
- 87% of IT security professional said their company faced an attempted email-based security threat in the past year.
- The threat of ransomware is a concern for 88%.
- More than 1/3 have already experienced an attack.
- More than 90% said email archiving is critical, citing a variety of business benefits.
- Maintaining an audit trail for compliance purposes, investigating suspicious activity and cutting costs for e-discovery requests were the top reasons.
- Larger businesses are more concerned about Office 365 email security; smaller businesses are less concerned. While the differences are fairly minor, this could be because larger companies have more data at risk in Office 365, due to having broader deployments rolled out that include SharePoint, OneDrive and other applications.
- There's a strong consensus of opinions about employee training and its effect on email-based security.
- 100% said end-user training is important to prevent attacks!
- Phishing simulation and social-engineering detection were identified as the most beneficial email-security capabilities.
- 98% said there are better ways to train employees so than traditional classroom-style education, including customized examples that are relevant to an employee's department and role, unscheduled simulations of typical attacks, training modules that can be done at the employee's convenience, and rewards for taking the right actions.
Email threats continue to become more targeted, making a multi-layered approach critical in successfully protecting targeted employees, applications, and data.
Story Source.
New-school Security Awareness Training is critical to enabling you and your IT staff to connect with users and help them make the right security decisions all of the time. This isn't a one and done deal, continuous training and simulated phishing are both needed to mobilize users as your last line of defense. Request your quote for KnowBe4's security awareness training and simulated phishing platform and find out how affordable this is!
