Remote Working Compromises Outbound Email

There are many reasons behind data breaches and security risks but a significant problem arises because of remote working and stressed employees making simple mistakes and working from home environment is not ideal when it comes to maintaining a sensible email security. Due to growing number of need for online communication, email is a top security concern in 2020.

IT leaders have suffered significantly higher numbers of data breaches as a result of outbound email in the last 12 months.

According to a study carried out by Arlington Research commissioned by the Email Security specialist firm Egress, 93% of 538 IT leaders surveyed reported a breach in the past year due to an email error, with 70% of those believing remote working increases the risk of sensitive data being put at risk from outbound email data breaches.

  • They found that 93% of organisations had outward email breaches in the last year and that a breach happens every 12 hours.
  • Currently 94% organisations are sending far more emails because of the covid-19 virus working effects.

“Most importantly, these breaches have significant impacts. With 33% of organisations across Legal, Financial Services, Banking and Healthcare suffering direct financial repercussions from a serious breach, it’s clearly time for organisations to examine why their current approach to outbound email security isn’t preventing these incidents’, says the Report 

Egress CEO Tony Pepper has said the problem is only going to get worse with increased remote working and higher email volumes, which create prime conditions for outbound email data breaches of a type that traditional DLP tools simply cannot handle.

Organisations need AI and machine learning, to create a contextual understanding of individual users that spots errors such as wrong recipients, incorrect file attachments or responses to phishing emails, and the security needs to alerts the user before they make a mistake.

The most common breach types were replying to spear-phishing emails (80%), emails sent to the wrong recipients (80%) and sending the incorrect file attachment (80%).

Furthermore, almost two-thirds (62%) of businesses rely on people to identify outbound email data breaches, whilst 24% of IT leaders said the employee who sent the email would disclose their error. In terms of action taken, 46% of respondents said the employee who caused a breach was given a formal warning, while legal action was taken in 28% of cases. In 27% of serious breach cases, respondents said the employee responsible was fired.

Pepper said: “Relying on tired, stressed employees to notice a mistake and then report themselves or a colleague when a breach happens is unrealistic, especially given the repercussions they will face. With all the factors at play in people-led data breach reporting, we often find organisations are experiencing 10-times the number of incidents than they are aware of.

“It’s imperative that we build a culture where workers are supported and protected against outbound email breach risk with technology that adapts to the pressures they face and stops them from making simple mistakes in the first place.... As workers get used to more regular remote working and reliance on email continues to grow, organisations need to step up to safeguard both employees and data from rising breach risks.”

KeepNetLabs:         TechRadar:       Egress:        Infosecurity Magazine:

Cyber Security Intelligence recommends that businesses educate their employees regarding the negative effects of shadow IT and warn them that they can become victims of cyber threats.

GoCyber is a new, highly innovative cyber security training app that uses action based learning to significantly improve the online behaviour of all employees in less than a month.This is especially important when working at home and it is a cyber training program we recommend and has had excellent reviews by some large organisations. To register for a free demo click here > GoCyber

You Mighy Also Read:

Business Phishing Attacks Increase With Coronavirus:

 

« Too Many Employees Use Their Own Devices To Access Corporate Data
Improving SME Cyber Security »

CyberSecurity Jobsite
Check Point

Directory of Suppliers

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

Redscan Cyber Security

Redscan Cyber Security

Redscan Cyber Security is a Managed Security Services Provider (MSSP) that enables businesses to effectively manage their information security risks.

Avanan

Avanan

Avanan is The Cloud Security Platform. Protect all your SaaS applications using tools from over 60 industry-leading vendors in just one click.

CyberOne

CyberOne

CyberOne (formerly Comtact) offer a full stack cybersecurity service to ensure our customers understand the cyber maturity of their organisation.

Flexera

Flexera

Flexera is reimagining the way software is bought, sold, managed and secured.

Matta

Matta

Matta is a cyber security consulting company providing information security services and solutions including vulnerability assessments, penetration testing and emergency response.

Avira

Avira

Avira provide a portfolio of antivirus, security and performance applications for Windows, Android, Mac, and iOS.

CYE

CYE

Utilizing data, numbers, and facts, CYE helps security leaders know what business assets are at risk and execute cost-effective remediation projects for optimal risk prevention.

Danish Maritime Cybersecurity Unit

Danish Maritime Cybersecurity Unit

The Danish Maritime Cybersecurity Unit is tasked with delivering the initiatives set out in the Cyber and Information Security Strategy for the Maritime Sector.

Rule4

Rule4

Rule4 is a global professional services firm that provides practical, real-world knowledge and solutions in areas including cybersecurity, AI, Machine Learning and industrial control systems.

Quantstamp

Quantstamp

Quantstamp are experts in Smart Contract Security Audits. We provide verification that your decentralized system works as intended.

Speedinvest

Speedinvest

Speedinvest is one of Europe’s most active early-stage investors with a focus on Deep Tech, Fintech, Industrial Tech, Network Effects, and Digital Health.

National Cryptologic Foundation (NCF) - USA

National Cryptologic Foundation (NCF) - USA

The National Cryptologic Foundation strives to influence the cryptologic future by sharing our educational resources, stimulating new knowledge, and commemorating our heritage.

Codean

Codean

The Codean Review Environment automates mundane software analysis tasks, so security experts can focus on finding vulnerabilities.

Swish Data Corp.

Swish Data Corp.

Swish delivers when the problems are complex, requirements are difficult, and the mission is absolutely critical.

Bearer

Bearer

Bearer helps modern teams ship trustworthy products with the help of our code security solution built for security, privacy and engineering teams.

DACTA Global

DACTA Global

DACTA was established with the aim of simplifying the perception of complexity surrounding digital security challenges and solutions.