Survey shows that the majority of organizations are moving to cyber resilience

Published: Thursday, 11 June 2020 08:39

Mimecast has published its fourth annual State of Email Security 2020 report, which summarizes responses from 1,025 global IT decision makers on the current state of cyber security.

Providing year-over-year comparisons, along with Mimecast’s analysis from the first 100-day period of the COVID-19 crisis, the report is designed to both offer insights into recent attack trends organizations are challenged with and to serve as a guide to drive continuous improvement to any organization’s cyber resilience strategy.

The findings in this year’s report shows that a large number of organizations are moving from older cyber security strategies towards cyber resilience. 77 percent of respondents said that they have or are actively rolling out a cyber resilience strategy. However, despite this 60 percent of respondents believe it is inevitable or likely they will suffer from an email-borne attack in the coming year.

“We’re seeing the same threats that organizations have faced for years playing out with tactics matched to world events to evade detection. The increases in remote working due to the global pandemic have only amplified the risks businesses face from these threats, making the need for effective cyber resilience essential,” said Joshua Douglas, vice president of threat intelligence. “It’s likely that cyber resilience strategies are lacking key elements, or don’t have any at all, depending on the organization’s maturity in cyber security. Security leaders need to invest in a strategy that builds resilience moving at the same pace as digital transformation. This means organizations must apply a layered approach to email security, one that consists of attack prevention, security awareness training, roaming web security tied to email efficacy, brand exploitation protection, threat remediation and business continuity.” 

Nearly half of organizations (49 percent) surveyed report anticipating an increase in web or email spoofing and brand exploitation in the next 12 months, and it is a rising concern. In fact, 84 percent of respondents feel concerned about an email domain, web domain, brand exploitation, or site spoofing attack.

Similar to years past, impersonation attacks, phishing attempts and ransomware continue to be a major problem, according to the research. 72 percent of report participants said phishing attacks remained flat or increased in the last 12 months and 74 percent report the same of impersonation attacks. This indicates that phishing is potentially becoming more difficult to stop or prevent due to more advanced tactics like spear-phishing.

Ransomware continues to wreak havoc, as just over half of respondents (51 percent) said ransomware attacks impacted their organization, citing data loss, downtime, financial loss and loss of reputation or trust among customers.

Read the report (PDF).