Email remains a powerful attack channel. It is an accessible, effective, and low-cost tool for cybercriminals to use. Email-based attacks also continue to evolve, harnessing AI and advanced social engineering techniques for increasingly sophisticated and stealthy attacks.
75% of the organizations surveyed for a 2023 email report say they have fallen victim to at least one successful email attack in the last 12 months, with those affected facing average costs of more than $1 million to recover from their most expensive attack.
Disruption, damage, and loss
The findings of the study show that the fallout from a successful email security attack can be significant and damaging.
The risks of remote work
Regardless of company size or industry, organizations with more than half their employees working remotely faced higher levels of risk and recovery costs. Organizations can’t always consistently enforce security policies on remote workers to ensure maximum protection and need to enable remote access for employees to carry out their day-to-day jobs. This not only increases the attack surface available to cybercriminals, but it can also significantly delay detection, response, and recovery from cyberattacks.
Organizations feel they are not fully prepared
With the high prevalence of email attacks, nearly 98% still feel under-prepared to deal with them. Around 34% feel poorly prepared to deal with data loss or malware and 28% feel that they are not even prepared to deal with less complex types of threats such as spam.
But it is not all bad news
Overall, organizations feel better prepared to deal with some of the more advanced threats like phishing and ransomware than they were when last surveyed three years ago.
Email is a trusted and ubiquitous communications channel, and that makes it an attractive target for cybercriminals. Email-based attacks can be the initial access point for a wide range of cyberthreats, including ransomware, information stealers, spyware, crypto mining, other malware, and more. Growing awareness and understanding of email risks and the need for robust protection is a positive starting point for email security in 2023. Contact us at Access Tech to get a cyber security assessment of your business, where we can then help you fill the IT gaps that leave you vulnerable to cyber criminals.