Barracuda study indicates e-mail attacks exerting “major impact” on businesses

Barracuda, the provider of cloud-enabled security solutions, has released the key findings from a report entitled ‘2019 e-mail Security Trends’. Commissioned by the company, the research surveyed global IT stakeholders to capture their experiences and attitudes about the current state of e-mail security.

The survey includes responses from 660 executives, individual contributors and team managers serving in IT security roles in the Americas, EMEA and APAC. Companies surveyed include small, medium-sized and enterprise businesses in technology, financial services, education, healthcare, manufacturing, Government, telecommunications, retail and other industries. A wide range of questions captured hard data about phishing, insider threats and Office 365, as well as the related business impacts in terms of security spending and the cost of breach episodes.

Overall, the study indicates that, while most IT professionals are more confident about their e-mail security systems than they were a year ago, e-mail attacks continue to have a significant impact on businesses. e-mail attacks are having a direct business impact and impacting the personal lives of IT security professionals. 74% of respondents said as much. The most common effects cited were loss of employee productivity, downtime and business disruption, as well as damage to the reputation of the IT team.

Nearly 75% of respondents reported experiencing higher stress levels, worrying about potential e-mail security even when they’re not at work and being forced to work nights and weekends to address e-mail security issues.

Phishing and ransomware are top concerns. 43% of organisations have been the victim of a spear phishing attack in the past 12 months. Also, breach costs and monetary losses are on the rise. 78% of organisations said that the cost of e-mail breaches is increasing. 66% claimed that attacks have had a direct monetary cost on their organisation in the past year. Nearly a quarter of respondents advised that attacks have cost their organisation $100,000 or more.

Employees appear to remain a major weak link in an organisation’s security defences. More than three-quarters of organisations said their employees are not good at spotting suspicious e-mails. There are also growing concerns about insider threats and Office 365. 79% of IT professionals said they’re worried about attacks and breaches stemming from inside the organisation, while 92% of Office 365 users harbour security concerns.

Based on the success and proliferation of email-based attacks, IT security professionals will need to stay focused on the evolution and escalation of phishing, ransomware and other threats and improve e-mail security that goes beyond the traditional gateway.

*Read the full report:

About the Author
Brian Sims BA (Hons) Hon FSyI, Editor, Risk UK (Pro-Activ Publications) Beginning his career in professional journalism at The Builder Group in March 1992, Brian was appointed Editor of Security Management Today in November 2000 having spent eight years in engineering journalism across two titles: Building Services Journal and Light & Lighting. In 2005, Brian received the BSIA Chairman’s Award for Promoting The Security Industry and, a year later, the Skills for Security Special Award for an Outstanding Contribution to the Security Business Sector. In 2008, Brian was The Security Institute’s nomination for the Association of Security Consultants’ highly prestigious Imbert Prize and, in 2013, was a nominated finalist for the Institute's George van Schalkwyk Award. An Honorary Fellow of The Security Institute, Brian serves as a Judge for the BSIA’s Security Personnel of the Year Awards and the Securitas Good Customer Award. Between 2008 and 2014, Brian pioneered the use of digital media across the security sector, including webinars and Audio Shows. Brian’s actively involved in 50-plus security groups on LinkedIn and hosts the popular Risk UK Twitter site. Brian is a frequent speaker on the conference circuit. He has organised and chaired conference programmes for both IFSEC International and ASIS International and has been published in the national media. Brian was appointed Editor of Risk UK at Pro-Activ Publications in July 2014 and as Editor of The Paper (Pro-Activ Publications' dedicated business newspaper for security professionals) in September 2015. Brian was appointed Editor of Risk Xtra at Pro-Activ Publications in May 2018.

Related Posts