Report: The 2022 State of Email Security

by Security Centric, on 13/04/2022 4:57:04 PM

It's that time of year when the team over at Mimecast releases their much-anticipated State of Email Security report. Covering data that spans the entirety of 2021, the report surveyed 1400 IT decision makers on everything from email-based threats to cybersecurity budgets.

Overall, the report indicates that 2021 was one of the worst on record for cybersecurity threats, due in part to the ongoing effects of the global pandemic. The overall cost of a data breach has increased, and phishing attacks and ransomware were the main sources of frustration for defensive teams. 

In regards to overall business risk, a data point in the report for board-level attitudes on cyber risk from Gartner indicates that 88% of board members now consider cyber-based threats a significant organisational risk. 

Key Findings: 

Attack Types: 

  • 79% reported an increase in email volume at their organisation
  • 72% reported the number of email-based threats had risen during the last 12 months.
  • 96% acknowledge their organisation had faced a form of phishing attack in the past year (2021)
  • 75% were hurt by a ransomware attack (up from 61% the previous year)
  • Of those attacked with ransomware, 64% paid, yet 40% failed to recover their data.

Cyber Risk and Strategies: 

  • 98% are using or plan to use a brand protection service this year
  • 99% either have a system to monitor and protect against email-borne threats or are actively planning to roll one out
  • 80% believe their company is at risk due to inadvertent data leaks by careless or negligent employees
  • 96% of companies either have a cyber resilience strategy or are actively planning to put one in place
  • To counter brand spoofing, 89% of companies are making use of DMARC or plan to do so over the next 12 months

Cyber Budgets:

  • On average, 14% of IT budgets are allocated for cyber resilience
  • 95% say their cyber resilience has been impaired by insufficient funding

Overall, the information within the report further illustrates what's being seen in the threat landscape so far this year. Cyber threats are on the rise, and ensuring your cybersecurity strategies are in line with reducing your own organisational risk is the most effective way to protect it. Need help with your cybersecurity implementation or strategic planning? Contact us to speak with one of our knowledgeable team. 

Topics:Risk AssessmentPhishingRansomwareReport Roundup


Finally, an actionable blog

The purpose of this blog is to make available the real-world lessons, experience, observations and mistakes that are part of the daily life of a group of cyber security professionals.

Read about:

  • What mistakes organisations are making (anonymously of course!)
  • What effective actions are available to quickly and economically achieve effective protection (without buying new kit)
  • Trends we're seeing, via our incident response and forensic investigation capabilities
  • And sometimes, just frustrations about what is wrong with cyber :|

Subscribe to Updates