Remote Working Compromises Outbound Email

Uploaded on 2020-10-09 in FREE TO VIEW

There are many reasons behind data breaches and security risks but a significant problem arises because of remote working and stressed employees making simple mistakes and working from home environment is not ideal when it comes to maintaining a sensible email security. Due to growing number of need for online communication, email is a top security concern in 2020.

IT leaders have suffered significantly higher numbers of data breaches as a result of outbound email in the last 12 months.

According to a study carried out by Arlington Research commissioned by the Email Security specialist firm Egress, 93% of 538 IT leaders surveyed reported a breach in the past year due to an email error, with 70% of those believing remote working increases the risk of sensitive data being put at risk from outbound email data breaches.

  • They found that 93% of organisations had outward email breaches in the last year and that a breach happens every 12 hours.
  • Currently 94% organisations are sending far more emails because of the covid-19 virus working effects.

“Most importantly, these breaches have significant impacts. With 33% of organisations across Legal, Financial Services, Banking and Healthcare suffering direct financial repercussions from a serious breach, it’s clearly time for organisations to examine why their current approach to outbound email security isn’t preventing these incidents’, says the Report 

Egress CEO Tony Pepper has said the problem is only going to get worse with increased remote working and higher email volumes, which create prime conditions for outbound email data breaches of a type that traditional DLP tools simply cannot handle.

Organisations need AI and machine learning, to create a contextual understanding of individual users that spots errors such as wrong recipients, incorrect file attachments or responses to phishing emails, and the security needs to alerts the user before they make a mistake.

The most common breach types were replying to spear-phishing emails (80%), emails sent to the wrong recipients (80%) and sending the incorrect file attachment (80%).

Furthermore, almost two-thirds (62%) of businesses rely on people to identify outbound email data breaches, whilst 24% of IT leaders said the employee who sent the email would disclose their error. In terms of action taken, 46% of respondents said the employee who caused a breach was given a formal warning, while legal action was taken in 28% of cases. In 27% of serious breach cases, respondents said the employee responsible was fired.

Pepper said: “Relying on tired, stressed employees to notice a mistake and then report themselves or a colleague when a breach happens is unrealistic, especially given the repercussions they will face. With all the factors at play in people-led data breach reporting, we often find organisations are experiencing 10-times the number of incidents than they are aware of.

“It’s imperative that we build a culture where workers are supported and protected against outbound email breach risk with technology that adapts to the pressures they face and stops them from making simple mistakes in the first place.... As workers get used to more regular remote working and reliance on email continues to grow, organisations need to step up to safeguard both employees and data from rising breach risks.”

KeepNetLabs:         TechRadar:       Egress:        Infosecurity Magazine:

Cyber Security Intelligence recommends that businesses educate their employees regarding the negative effects of shadow IT and warn them that they can become victims of cyber threats.

GoCyber is a new, highly innovative cyber security training app that uses action based learning to significantly improve the online behaviour of all employees in less than a month.This is especially important when working at home and it is a cyber training program we recommend and has had excellent reviews by some large organisations. To register for a free demo click here > GoCyber

You Mighy Also Read:

Business Phishing Attacks Increase With Coronavirus:

 

« Too Many Employees Use Their Own Devices To Access Corporate Data
Improving SME Cyber Security »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

ZenGRC

ZenGRC

ZenGRC - the first, easy-to-use, enterprise-grade information security solution for compliance and risk management - offers businesses efficient control tracking, testing, and enforcement.

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

Perimeter 81 / How to Select the Right ZTNA Solution

Perimeter 81 / How to Select the Right ZTNA Solution

Gartner insights into How to Select the Right ZTNA offering. Download this FREE report for a limited time only.

Virtustream

Virtustream

The Virtustream Enterprise Class Cloud provides a secure, highly available, Infrastructure as a Service (IaaS) to enterprises and government customers.

ArmorText

ArmorText

ArmorText offers a seamless channel for communication and collaboration for organizations concerned with keeping communication data private and secure.

Allthenticate

Allthenticate

Allthenticate Single Device Authentication (SDA), enables seamless authentication in both the physical and digital words while unifying management in one easy-to-use interface.

Netacea

Netacea

Netacea provides a revolutionary bot management solution that protects websites, mobile apps and APIs from malicious attacks such as scraping, credential stuffing and account takeover.

LogicHub

LogicHub

LogicHub is built on the principle that every decision process for threat detection and response can and should be automated.

Palmchip

Palmchip

Palmchip is a Cyber Security, SOC and Software consulting company. We design and develop high performance and secure applications.

HENSOLDT Cyber

HENSOLDT Cyber

HENSOLDT Cyber introduces a paradigm shift to cyber security. Our products have been designed to ensure the integrity of embedded systems at the core: the operating system and the processor.

A&O IT Group

A&O IT Group

A&O IT Group provide IT support and services including IT Managed Services, IT Project Services, IT Engineer Services and Cyber Security.

Wabbi

Wabbi

Wabbi’s continuous security platform centralizes, automates and orchestrates security governance and vulnerability management to empower development teams to own appsec.

Bittnet Training

Bittnet Training

Bittnet Training is the leader in the IT Training market in Romania. We develop the IT skills of IT professionals as well as those who wish to start a career in IT.

Oasis Technology

Oasis Technology

Oasis Technology are experts in cyber security. In addition to pioneering the game-changing TITAN anti-hacking device, we provide extensive cyber security consulting services.

VLC Solutions

VLC Solutions

VLC Solutions is an independent solutions and technology service provider offering Cloud Services, Cybersecurity, ERP Services, Network Management Services, and Compliance Solutions.

Nullify

Nullify

Nullify is your automated security sentry that continuously finds and fixes security issues across your codebase.

Backblaze

Backblaze

The Backblaze Storage Cloud provides a foundation for businesses, developers, IT professionals, and individuals to build applications, host content, manage media, back up and archive data, and more.

Realm.Security

Realm.Security

Realm.Security is pioneering the creation of an easy-to-implement, simple-to-use security fabric solution that is purpose-built for cybersecurity.

Hydden

Hydden

Hydden gives security teams the ability to create a solid foundation to build a truly next-gen identity security practice by bridging the gaps between siloed teams and technologies.