In this paradigm shift for business driven by the rapid transition to a remote workforce, there appears to be a real need for a shift in securing the digital premise in order to maintain, or even enhance, business continuity and success. AT&T Cybersecurity researchers have cited a “relationship between business success and a commitment to strong security”, reporting that 91% of companies that lag in cybersecurity miss revenue goals, while 57% of companies that lead in this increasingly critical area exceed revenue goals by over seven percent. 

With the heightened reliance on cloud email to fulfill remote workers’ communication needs, cyber risk - led by email risk - has never been greater. The majority of organizations lack layered supplementary email security defenses, leaving their users and key assets vulnerable to attack. The FBI reports that even with existing security defenses in place, 30% of phishing attempts are still opened by target users. As Cybersecurity Awareness Month comes to a close, we examine the most common and costly email security shortcomings - and how these weaknesses are short changing businesses’ success.

 

The Modern Email Threats Landscape is Characterized by Unprecedented Risk

Email risk has skyrocketed in this new remote work environment, as organizations scramble to modernize their infrastructure and move operations to the cloud. Cyber thieves are exploiting increased reliance on cloud email and misconfigurations due to rapid installs of Office 365 and G Suite to launch sophisticated new phishing campaigns designed to steal sensitive credentials and infect corporate systems with malware. 

Both the prevalence and effectiveness of phishing scams has drastically increased over the past eight months. There has been a 600% rise in phishing attacks due to COVID-19, and users are now three times more likely to click on a malicious link embedded in a phishing email and disclose their account credentials than they were pre-COVID. 

 

The Majority of Businesses are Unable to Meet Today’s Email Security Challenges 

The unfortunate reality is that as cyber criminals have advanced their methods, tactics and techniques for gaining access to sensitive information - and ultimately funds - the majority of businesses are struggling to defend their users and their data. Ponemon Institute security researchers report that there has been a drastic reduction in security posture since the pandemic began, with the number of organizations that feel they are effectively positioned against cyber attacks plummeting from 71% earlier this year to only 44%.

A lack of cybersecurity resources and expertise has proven to be one of the main challenges businesses face - and has been significantly worsened by this global crisis. Many businesses have admitted that they simply don’t know how to safeguard remote workers against modern email threats. Ponemon Institute research reveals that only 45% of organizations feel that they have an adequate budget to cover the increased risks created by the shift to a remote workforce, and only 39% report having adequate cybersecurity expertise available on staff. With these disheartening numbers, it is no surprise that 60% of organizations have already experienced at least one cyber attack during this pandemic.

 

Incompetant Email Security is Undermining Businesses' Success

Email security should be a universal priority - after all, over 90% of cyberattacks are launched via email and no business can afford the aftermath of a cyber attack or a breach. However, implementing an effective email security strategy offers benefits that extend far beyond simply mitigating disaster. At&T Cybersecurity researchers report that 91% of companies that lag in cybersecurity miss revenue goals, while 57% of companies that lead in this increasingly critical area exceed revenue goals by over seven percent - indicating that strong security and business success are inextricably tied. AT&T Cybersecurity states, “Leading organizations can weave strong cybersecurity into the business, IT, and organizational culture. This helps them be more aggressive with IT-driven business initiatives, knowing they can count on a strong security foundation.” The industry leader elaborates, “Despite their successes, leading organizations understand that security is a journey and not a destination. Therefore, they constantly assess progress, pinpoint areas of need, and strive for continuous improvement.” While implementing effective email security is an investment, it is an investment that continues to pay off, and organizations that invest heavily in security experience a much stronger return on investment (ROI) than organizations that cut corners.

 

The Solution: Set Your Organization Up for Success with Innovative, Managed Email Defenses

Securing business email against today’s advanced threats is no small task, and requires more than a piece of antivirus software, a spam filter, or the built-in ‘protection’ provided within Office 365 and G Suite. The default email security defenses offered in these platforms are primitive, single-layered and ineffective in detecting and blocking today’s sophisticated, complex threats like spear phishing and fileless malware. Despite built-in email protection, Osterman Research reports that 40% of Office 365 customers have experienced credential theft nevertheless. 

Defense-in-depth is imperative to fortifying cloud email. Combating modern email threats is a job that far exceeds the capabilities of any single security feature. Rather, this difficult yet exceedingly important task requires multiple innovative features and technologies such as malicious URL protection and email authentication protocols designed to work harmoniously in real-time with both each other and built-in cloud email defenses. To fortify the inbox and safeguard remote workers, Gartner security experts recommend “a strategic approach to security that layers inbound, outbound and internal detection and remediation”. The FBI also emphasizes the importance of layered email security defenses, stating: “Businesses should take immediate action to protect their users and their data in Office 365 by implementing critical supplementary layers of protection.” 

Businesses - especially those that lack IT resources and security expertise - can benefit immensely from implementing fully-managed email security services. Failure to deploy a solution accompanied by ongoing expert management, system monitoring and support frequently leaves organizations vulnerable to attack - even with supplementary email defenses in place. Guardian Digital CEO Dave Wreski explains, “An effective email security solution cannot simply be selected and purchased, leaving the responsibility of configuration and management in the hands of the administrator. Rather, securing business email is a continuous process that requires around-the-clock monitoring and maintenance by a team of experts, dedicated to understanding the evolving risks businesses face and applying the specific real-time guidance necessary to each individual business. Wreski elaborates, “Unfortunately, many email security solutions put the burden of setup, maintenance and system monitoring on the administrator.”

 

Next Steps

AT&T Cybersecurity research has confirmed that a weak email security strategy can greatly interfere with your business's success, and that implementing proactive, layered email security defenses can greatly enhance it. Ready to simplify administration, safeguard your remote workforce and set your business up for a secure, successful future? This is possible - and affordable - with Guardian Digital EnGarde Cloud Email Security - a threat-ready, fully-supported cloud email security solution. Get A Quote>

Blog Articles