61 percent of organizations are worried about email-borne threats
Email is still the main vehicle for cybercriminals to deliver threats according to a new report, and 61 percent of IT decision makers think their organization will suffer a negative impact from an email-borne attack this year.
The study from email and data security company Mimecast shows that impersonation attacks have increased 67 percent in comparison to the results in last year's report.
What's more, 73 percent of those organizations impacted by impersonation attacks say they have experienced a direct loss, specifically loss of customers (28 percent), financial loss (29 percent) and data loss (40 percent).
Phishing attacks are shown to be the most prominent type of cyber attack, with 94 percent of respondents having experienced phishing and spear phishing attacks in the previous 12 months, and 55 percent citing seeing an increase in phishing attacks over the same time period.
The report also finds that business-disrupting ransomware attacks are up 26 percent in comparison to last year. 49 percent of respondents report having downtime for two to three days, whereas 31 percent have experienced downtime for four to five days.
"Email security systems are the frontline defense for most of attacks. Yet, just having and providing data on these attacks is not what creates value for most respondents," says Josh Douglas, vice president of threat intelligence at Mimecast. "Survey results indicate that vendors need to be able to provide actionable intelligence out of the mass of data they collect, and not just focus on indicators of compromise which would only address past problems. The Mimecast Threat Analysis Center was also able to identify the top five industries being impacted by impersonation attacks which closely aligned with the findings in the report. Financial, Manufacturing, Professional Services, Science/Technology as well as Transportation Industries are top targets. Understanding these key pain points helps organizations build a more comprehensive cyber resilience plan."
The full report is available from the Mimecast site.