With emails remaining the number one cyber threat vector, why are the two collaboration software suites still so cyber impotent?
Based on a Oct–Nov 2022 global survey of 1,700 IT and security decision-makers from 13 countries (including Singapore and Australia), a cybersecurity firm has released some of its own findings about the current state of cyber threats and email security.
Survey participants were from organizations ranging between 250 and 500 employees (15%) and more than 10,000 employees (9%) spread across 12 industrial sectors, including financial services (14%), technology and telecommunications (13%), retail (13%), healthcare (11%), manufacturing (9%) and the public sector (7%).
Among the findings reported were Top 10 takeaways distilled from the data:
- The world stands to lose US$8tn this year due to cybercrime. It takes more than nine months on average to discover and contain a data breach.
- To tame cyber threat risks, secure your email. It is the number one attack vector, with 82% of respondents reporting higher volumes of email; 74% seeing more email-based threats, and 76% expecting to face serious consequences from an email-based attack.
- The surge in the use of collaboration tools is creating another attractive target for the criminal set. Some 38% of SOES respondents indicated that the number of attacks due to collaboration tools was on the rise; 72% felt their organization will be damaged by a collaboration-tool-based attack, and 75% believed that the new threats posed by collaboration tools urgently needed to be addressed.
- To cut phishing risks, do a better job of training workers. Firms can never provide too much cyber awareness training.
- Spoofing is a problem; DMARC is the answer. With 91% of respondents’ firms receiving spoofed content and 44% noticing an increase in this method of fraud, Domain-based Message Authentication, Reporting and Conformance is the current prescription for tighter cyber vigilance.
- The layer of security provided by MS 365 and Google Workspace is too thin, according to 94% of SOES respondents citing nearly half of malicious email attachments based on MS 365 files.
- Cyber insurance cannot replace cyber preparedness. It may make financial sense to insure against cyber risk, but even the best cyber insurance can only compensate for damage that is already been done; it cannot prevent the damage from occurring in the first place. Only tight cyber preparedness plan can do that.
- Cybercriminals are using AI. so should your organization. Respondents reported more accurate threat detection (50%), better threat blocking (49%) and faster attack remediation (48%). With cybercriminals using AI to boost ransomware, email phishing scams and other attacks, cybersecurity leaders must to fight AI with AI.
- Corporate boards are finally paying attention to cybersecurity, but they still have many other priorities. More attention does not automatically translate into granting more resources for tightening cyber defenses. Even so, cyber-budget shortfalls have fallen into the single digits, and requests for bigger budgets have been given a serious hearing, according to the data.
- The ball is in CISOs’ courts now — make the most of this boardroom attention.
According to Stanley Hsu, Regional Vice President (Asia), Mimecast, which commissioned the survey: “With cyber threats having multiplied, organizations across the Asia Pacific are becoming increasingly sensitive to the danger they pose and are demonstrating a greater willingness to confront cybercrime. However, what is needed is a deeper understanding of these malicious threats and implement the right technologies to anticipate and be better prepared for future cyberattacks.”