Remote Working Compromises Outbound Email

Uploaded on 2020-10-09 in FREE TO VIEW

There are many reasons behind data breaches and security risks but a significant problem arises because of remote working and stressed employees making simple mistakes and working from home environment is not ideal when it comes to maintaining a sensible email security. Due to growing number of need for online communication, email is a top security concern in 2020.

IT leaders have suffered significantly higher numbers of data breaches as a result of outbound email in the last 12 months.

According to a study carried out by Arlington Research commissioned by the Email Security specialist firm Egress, 93% of 538 IT leaders surveyed reported a breach in the past year due to an email error, with 70% of those believing remote working increases the risk of sensitive data being put at risk from outbound email data breaches.

  • They found that 93% of organisations had outward email breaches in the last year and that a breach happens every 12 hours.
  • Currently 94% organisations are sending far more emails because of the covid-19 virus working effects.

“Most importantly, these breaches have significant impacts. With 33% of organisations across Legal, Financial Services, Banking and Healthcare suffering direct financial repercussions from a serious breach, it’s clearly time for organisations to examine why their current approach to outbound email security isn’t preventing these incidents’, says the Report 

Egress CEO Tony Pepper has said the problem is only going to get worse with increased remote working and higher email volumes, which create prime conditions for outbound email data breaches of a type that traditional DLP tools simply cannot handle.

Organisations need AI and machine learning, to create a contextual understanding of individual users that spots errors such as wrong recipients, incorrect file attachments or responses to phishing emails, and the security needs to alerts the user before they make a mistake.

The most common breach types were replying to spear-phishing emails (80%), emails sent to the wrong recipients (80%) and sending the incorrect file attachment (80%).

Furthermore, almost two-thirds (62%) of businesses rely on people to identify outbound email data breaches, whilst 24% of IT leaders said the employee who sent the email would disclose their error. In terms of action taken, 46% of respondents said the employee who caused a breach was given a formal warning, while legal action was taken in 28% of cases. In 27% of serious breach cases, respondents said the employee responsible was fired.

Pepper said: “Relying on tired, stressed employees to notice a mistake and then report themselves or a colleague when a breach happens is unrealistic, especially given the repercussions they will face. With all the factors at play in people-led data breach reporting, we often find organisations are experiencing 10-times the number of incidents than they are aware of.

“It’s imperative that we build a culture where workers are supported and protected against outbound email breach risk with technology that adapts to the pressures they face and stops them from making simple mistakes in the first place.... As workers get used to more regular remote working and reliance on email continues to grow, organisations need to step up to safeguard both employees and data from rising breach risks.”

KeepNetLabs:         TechRadar:       Egress:        Infosecurity Magazine:

Cyber Security Intelligence recommends that businesses educate their employees regarding the negative effects of shadow IT and warn them that they can become victims of cyber threats.

GoCyber is a new, highly innovative cyber security training app that uses action based learning to significantly improve the online behaviour of all employees in less than a month.This is especially important when working at home and it is a cyber training program we recommend and has had excellent reviews by some large organisations. To register for a free demo click here > GoCyber

You Mighy Also Read:

Business Phishing Attacks Increase With Coronavirus:

 

« Too Many Employees Use Their Own Devices To Access Corporate Data
Improving SME Cyber Security »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

TÜV SÜD Academy UK

TÜV SÜD Academy UK

TÜV SÜD offers expert-led cybersecurity training to help organisations safeguard their operations and data.

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

4Secure

4Secure

For over two decades, 4Secure has specialised in cyber security consultancy, safeguarding the worlds critical Infrastructure through securely bridging air gapped networks.

Arsenal Insurance Company

Arsenal Insurance Company

Arsenal is an insurance provider based in Moscow, Russia. Services offered include Cyber Risk insurance.

Advanced Resource Managers (ARM)

Advanced Resource Managers (ARM)

ARM provide specialist recruitment services for technology and engineering including cyber security.

Keyfactor

Keyfactor

Keyfactor is a leader in cloud-first PKI as-a-Service and crypto-agility solutions. Our Crypto-Agility Platform seamlessly orchestrates every key and certificate across the enterprise.

Oxford BioChronometrics

Oxford BioChronometrics

By building profiles based on electronically Defined Natural Attributes, or e-DNA, Oxford BioChronometrics protects digital networks, communities, individuals and other online assets from fraud.

NAVEX Global

NAVEX Global

NAVEX Global’s compliance management system consolidates your entire GRC program onto a scalable cloud-based platform.

Cryptshare

Cryptshare

Cryptshare is a communication solution that enables you to share e-mails and files of any size securely.

FutureCon Events

FutureCon Events

FutureCon produces cutting edge events aimed for Senior Level Professionals working in the security community, bringing together the best minds in the industry for a unique cybersecurity event.

Privakey

Privakey

Transaction Intent Verification. Privakey delivers a secure channel to streamline high risk transactions, enabling digital trust between services and their users.

1Kosmos

1Kosmos

1Kosmos provide Digital Identity and Passwordless Authentication for workforce and customers. Powered by advanced biometrics and blockchain technology.

Sydeco

Sydeco

Sydeco offer a complete range of products that secure computer and industrial networks, servers, programs and data against any type of computer attack.

Sencode Cyber Security

Sencode Cyber Security

Sencode provides a range of IT security solutions and services, including penetration testing and cyber awareness training to help mitigate the growing risks to your corporate infrastructure.

Nemstar

Nemstar

Nemstar is a specialist in Information Security & Cyber Training with over 25 years' industry experience.

Entech

Entech

Entech is a managed IT service provider. We work behind the scenes on your network to ensure data security and integrity.

LT Harper

LT Harper

LT Harper specialise in cyber security recruitment. We believe in providing an individualised service to our customers whether they are looking for a new opportunity or to hire talent.

EVVO LABS

EVVO LABS

EVVO Labs empower your business with the latest IT capabilities to get you ahead of your competitors. We are experts at converging technologies to build your digital transformation.