94 percent of organizations suffer email security incidents

According to a new study, 94 percent of global organizations have experienced email security incidents last year, up two percent from the year before.

The latest Email Security Risk Report from Egress looks at attitudes and approaches to email security, the evolution of risks, and the impact of incidents, based on responses from 500 cybersecurity leaders.

The report shows 58 percent of organizations have experienced account takeover incidents in the last 12 months, and 79 percent of these started with a phishing email that harvested an employee's credentials.

The impact of an email security incident can be severe for employees and their organizations. 96 percent of surveyed organizations experienced negative impacts from phishing attacks, which is a jump of 10 percent over last year’s report. Findings from the report show that leaders are taking a tough stance with employees caught by phishing attacks with negative outcomes for the people involved happening in 74 percent of companies. Indeed 39 percent of employees caught in phishing attacks have been fired.

There's also concern about the effect new tools, large language models, and generative AI could have on phishing attacks. 63 percent of respondents are being kept awake at night by deepfakes, and 61 percent by AI chatbots being utilized to create efficient phishing campaigns. This trend is expected to continue into 2024 and beyond, with organizations being encouraged to continuously review their defenses.

Jack Chapman, VP of threat intelligence at Egress, says, "The stats in this latest report are truly staggering; 94 percent of companies have experienced security incidents in the last 12 months, and 95 percent of cybersecurity leaders are stressed about email security. Organizations urgently need to adapt their approach, or risk finding themselves in the same position next year."

You can read more and get the full report on the Egress blog.

Image credit: Georgejmclittle / Shutterstock