Microsoft 365 targeted as businesses struggle to block email threats
A new study commissioned by email security company Cyren from Osterman Research seeks to understand how businesses using Microsoft 365 for email are being impacted by email-borne security threats, such as phishing, business email compromise (BEC), and ransomware attacks.
It shows security team managers are most concerned that current email security solutions do not block serious inbound threats -- particularly ransomware. Fewer than half of organizations surveyed rank their currently deployed email security solutions as effective.
It's unsurprising then that 89 percent of organizations experienced one or more successful email breaches during the last 12 months. Compared to Cyren's previous survey, ransomware attacks increased by 71 percent, Microsoft 365 credential compromise attacks increased by 49 percent, and phishing attacks increased by 44 percent.
Half of organizations are now using an automated email client plug-in for users to report suspicious email messages for analysis by trained security professionals, up from 37 percent in the previous survey.
Michael Sampson, senior research analyst at Osterman, explains why MS365 is such an attractive target, "It's a key place for threat actors to seek to compromise. It's widely used, but secondly if you're able to capture the credentials for an email account it no longer just gives you access to just Exchange. Given the bundled services that are part of Microsoft 365 You also get access to everything that the individual can get access to on SharePoint, and OneDrive, in Teams, and everything else that is in your organization."
Training is seen as key to tackling the threat and more than 99 percent of organizations now offer training at least annually, with one in seven doing so monthly or more frequently. In organizations offering training every 90 days or more often, the likelihood of employees falling for a phishing, BEC, or ransomware threat is much less than organizations only training once or twice a year.
More frequent training also leads to more messages being reported as suspicious, and a higher share of these suspicious messages proving to actually be malicious after analysis by a security professional.
Use of third-party email security tools is also becoming more commonplace too. Four out of five respondents indicate their organization is currently using or has previously used a third-party secure email gateway solution in conjunction with Microsoft 365. Only one in five organizations has never used a third-party solution.
The full report is available on the Cyren blog.