Email is seen as the enterprise channel most vulnerable to attacks
The majority of organizations use six or more communication tools, across channels, with email being the single channel seen as the most vulnerable to attacks.
Of those responding to a new survey by Enterprise Strategy Group (ESG) and Armorblox of almost 500 IT and security professionals, 38 percent see email as the most vulnerable channel.
More than half of respondents report multi-vector, socially engineered attacks happening weekly (36 percent) or daily (16 percent). The level of concern is high for attacks evading security controls by leveraging siloed communication and collaboration tools (such as video conferencing, messaging, and shared calendars, project management/whiteboarding applications, file sharing and cloud storage) outside of email (69 percent).
"Organizations' top concerns when it comes to communication and collaboration tools are ransomware, phishing, and malware-based attacks," says Dave Gruber, principal analyst at ESG. "These threats are not unique to newer collaboration mechanisms and are also common in traditional email communications. This raises the question of whether expanding the use of collaboration tools simply increases the potential attack surface for bad actors. As organizations continue to adopt new technologies, it is crucial that they remain vigilant in their efforts to protect against these threats and ensure the security of their communication channels."
When asked about the risk associated with email communication include 39 percent of respondents say spam/malware and 34 percent cite phishing/spear phishing/malicious links as having evaded security controls. 27 percent of respondents say misaddressed emails have slipped past native security layers, while 26 percent say threats that penetrated security controls include wire transfer fraud, payroll fraud, payment fraud, other BEC attacks.
"Today's threat landscape is already challenging, but with the increasing sophistication of attacks, especially those using AI, it is concerning to see that primary email security solutions continue to fall short in providing the necessary protection," says DJ Sampath, co-founder and CEO of Armorblox. "We know that this lack of protection can have significant consequences, undermining the efficacy, compliance, and reliability of email communication. It's crucial that organizations take the necessary steps to strengthen their email security measures and ensure that they are able to keep pace with the evolving threat landscape, and the rise of AI-powered attacks."
The full report is available from the Armorblox site.
Photo Credit: Balefire/Shutterstock