Mimecast has released its third annual State of Email Security Report and has found that phishing attacks have lost companies money, data and customers. Including insights from 1,025 global IT decision-makers, the report found that social engineering attacks were on the rise.
According to the study, phishing attacks were the most prominent type of cyber-attack, with 94% of respondents having experienced phishing and spear-phishing attacks in the previous 12 months. Over half (55%) cited seeing an increase in that same period.
Most notably, the report found that impersonation attacks increased by over two-thirds (67%), with 73% of organizations impacted by impersonation attacks having experienced a direct loss. Specifically, 28% of businesses lost customers, 29% suffered financially and 40% lost data.
This surge has meant that people within organizations are losing confidence in their security. According to the report, 61% believe it is likely or inevitable their company will suffer a negative business impact from an email-borne attack this year.
“Email security systems are the frontline defense for most of attacks. Yet just having and providing data on these attacks is not what creates value for most respondents,” says Josh Douglas, vice president of threat intelligence at Mimecast. “Survey results indicate that vendors need to be able to provide actionable intelligence out of the mass of data they collect and not just focus on indicators of compromise which would only address past problems."
According to the company's announcement on the findings, the top five industries being impacted by impersonation attacks are financial, manufacturing, professional services, science/technology and transportation.
Other interesting statistics include:
- Ransomware attacks are up 26% in comparison to last year.
- Nearly 50% of respondents noted having downtime for two to three days.
- Just under a third experienced downtime for four to five days.