Download PDF version Contact company

Egress, the provider of human layer data security solutions, released their 2020 Outbound Email Data Breach Report, which highlights the true scale of data security risks related to email use. 93% of IT leaders surveyed said that their organization had suffered data breaches through outbound email in the last 12 months. On average, the survey found, an email data breach happens approximately every 12 working hours.

Rising outbound email volumes due to COVID-19-related remote working and the digitization of manual processes are also contributing to escalating risk. 94% of respondents reported an increase in email traffic since the onset of COVID-19 and 70% believe that working remotely increases the risk of sensitive data being put at risk from outbound email data breaches.

The study, independently conducted by Arlington Research on behalf of Egress, interviewed 538 senior managers responsible for IT security in the UK and US across vertical sectors including financial services, healthcare, banking and legal.

Insights from the report

Key insights from respondents include:

  • 93% had experienced data breaches via outbound email in the past 12 months
  • Organizations reported at least an average of 180 incidents per year when sensitive data was put at risk, equating to approximately one every 12 working hours
  • The most common breach types were replying to spear-phishing emails (80%); emails sent to the wrong recipients (80%); incorrect file attachments (80%)
  • 62% rely on people-led reporting to identify outbound email data breaches
  • 94% of surveyed organizations have seen outbound email volume increase during COVID-19. 68% say they have seen increases of between 26 and 75%
  • 70% believe that remote working raises the risk of sensitive data being put at risk from outbound email data breaches

Root cause of breach incidents

In terms of the impact of the most serious breach incident, on an individual-level, employees received a formal warning

When asked to identify the root cause of their organization’s most serious breach incident in the past year, the most common factor was “an employee being tired or stressed”. The second most cited factor was “remote working”.

In terms of the impact of the most serious breach incident, on an individual-level, employees received a formal warning in 46% of incidents, were fired in 27% and legal action was brought against them in 28%.

At an organizational-level, 33% said it had caused financial damage and more than one-quarter said it had led to an investigation by a regulatory body.

Traditional email security tools

In one-third of the most serious breaches suffered, employees had not made use of the technology provided

The research also found that 16% of those surveyed had no technology in place to protect data shared by outbound email. Where technology was deployed, its adoption was patchy: 38% have Data Loss Prevention (DLP) tools in place, while 44% have message level encryption and 45% have password protection for sensitive documents.

However, the study also found that, in one-third of the most serious breaches suffered, employees had not made use of the technology provided to prevent the breach.

Outbound email security risks mitigation

Organisations need technologies, like machine learning, to create a contextual understanding of individual users"

Egress CEO Tony Pepper comments: “Unfortunately, legacy email security tools and the native controls within email environments, such as Outlook for Microsoft 365, are unable to mitigate the outbound email security risks that modern organizations face today. They rely on static rules or user-led decisions and are unable to learn from individual employees’ behavior patterns. This means they can’t detect any abnormal changes that put data at risk – such as Outlook autocomplete suggesting the wrong recipient and a tired employee adding them to an email.” 

This problem is only going to get worse with increased remote working and higher email volumes creating prime conditions for outbound email data breaches of a type that traditional DLP tools simply cannot handle. Instead, organizations need intelligent technologies, like machine learning, to create a contextual understanding of individual users that spots errors such as wrong recipients, incorrect file attachments or responses to phishing emails, and alerts the user before they make a mistake.”

Reporting of outbound email data breach

When an outbound email data breach happens, IT leaders were most likely to find out about it from employees

Organizations still cannot paint a full picture of the risks, relying on people-led reporting to identify email breaches, despite severe repercussions

When an outbound email data breach happens, IT leaders were most likely to find out about it from employees. 20% said they would be alerted by the email recipient, 18% felt another employee would report it, while 24% said the employee who sent the email would disclose their error.

However, given the penalties that respondents said were in place for employees who cause a breach, it is not guaranteed that they will be keen to own up, especially if the incident is serious. 46% said that the employee who caused a breach was given a formal warning, while legal action was taken in 28% of cases. In 27% of serious breach cases, respondents said the employee responsible was fired.

Safeguard both employees and data

Tony Pepper comments: “Relying on tired, stressed employees to notice a mistake and then report themselves or a colleague when a breach happens is unrealistic, especially given the repercussions they will face. With all the factors at play in people-led data breach reporting, we often find organizations are experiencing 10 times the number of incidents than their aware of."

"It’s imperative that we build a culture where workers are supported and protected against outbound email breach risk with technology that adapts to the pressures they face and stops them from making simple mistakes in the first place. As workers get used to more regular remote working and reliance on email continues to grow, organizations need to step up to safeguard both employees and data from rising breach risk.”

Share with LinkedIn Share with Twitter Share with Facebook Share with Facebook
Download PDF version Download PDF version

In case you missed it

What New Technologies And Trends Will Shape Video Analytics?
What New Technologies And Trends Will Shape Video Analytics?

The topic of video analytics has been talked and written about for decades, and yet is still one of the cutting-edge themes in the physical security industry. Some say yesterday’s analytics systems tended to overpromise and underdeliver, and there are still some skeptics. However, newer technologies such as artificial intelligence (AI) are reinvigorating the sector and enabling it to finally live up to its promise. We asked this week’s Expert Panel Roundtable: What new technologies and trends will shape video analytics in 2021?

Tackling The Challenge Of The Growing Cybersecurity Gap
Tackling The Challenge Of The Growing Cybersecurity Gap

The SolarWinds cyberattack of 2020 was cited by security experts as “one of the potentially largest penetrations of Western governments” since the Cold War. This attack put cybersecurity front and center on people’s minds again. Hacking communication protocol The attack targeted the US government and reportedly compromised the treasury and commerce departments and Homeland Security. What’s interesting about the SolarWinds attack is that it was caused by the exploitation of a hacker who injected a backdoor communications protocol.  This means that months ahead of the attack, hackers broke into SolarWinds systems and added malicious code into the company’s software development system. Later on, updates being pushed out included the malicious code, creating a backdoor communication for the hackers to use. Once a body is hacked, access can be gained to many. An explosion of network devices What has made the threat of cyberattacks much more prominent these days has been IT's growth in the last 20 years, notably cheaper and cheaper IoT devices. This has led to an explosion of network devices. IT spending has never really matched the pace of hardware and software growth Compounding this issue is that IT spending has never really matched the pace of hardware and software growth. Inevitably, leading to vulnerabilities, limited IT resources, and an increase in IoT devices get more attention from would-be hackers. Bridging the cybersecurity gap In the author’s view, this is the main reason why the cybersecurity gap is growing. This is because it inevitably boils down to counter-strike versus counter-strike. IT teams plug holes, and hackers find new ones, that is never going to stop. The companies must continue fighting cyber threats by developing new ways of protecting through in-house testing, security best practice sources, and both market and customer leads. End-user awareness One of the key battlegrounds here is the education of end-users. This is an area where the battle is being won at present, in the author’s opinion. End-users awareness of cybersecurity is increasing. It is crucial to educate end-users on what IoT devices are available, how they are configured, how to enable it effectively, and critically, how to use it correctly and safely. Physical security network A valuable product that tackles cybersecurity is, of course, Razberi Monitor™, which is new to ComNet’s portfolio. Monitor™ is a software platform that provides a top-down view of the physical security network and ecosystem. Monitor™ is a software platform that provides a top-down view of the physical security network and ecosystem It monitors and manages all the system components for cybersecurity and system health, providing secure visibility into the availability, performance, and cyber posture of servers, storage, cameras, and networked security devices. Proactive maintenance By intelligently utilizing system properties and sensor data, Razberi’s award-winning cybersecurity software prevents problems while providing a centralized location for asset and alert management. Monitor™ enables proactive maintenance by offering problem resolutions before they become more significant problems. Identifying issues before they fail and become an outage is key to system availability and, moreover, is a considerable cost saving.

Hikvision Ensures Building-Wide Security And Optimising Parking Flow For Luxury Four-Star Hotel In Kigali
Hikvision Ensures Building-Wide Security And Optimising Parking Flow For Luxury Four-Star Hotel In Kigali

Security monitoring, intrusion detection, parking management, one installation of Hikvision technology can do all this, and more. Discover how the 2000 Hotel in Kigali is using Hikvision technology to make operations more secure and efficient on every floor of its luxury four-star accommodation. The 2000 Hotel in Kigali, Rwanda, is known as the ‘highest hotel in Kigali’, offering captivating views over the city and the mountains. Guests enjoy the hotel’s four-star luxury facilities for work and leisure, taking advantage of its central location in the heart of Rwanda’s bustling capital city. Security of hotel guests has always been paramount, and so soon after the hotel was built, the management team installed security cameras throughout. However, over time it turned out that the imagery captured simply wasn’t clear enough to be useful in many situations. Underground parking lot Unfortunately, we started to notice that goods were going missing in the supermarket, as well as in the warehouse" What’s more, there were further security issues following the opening of a new supermarket on the hotel’s second floor. “Unfortunately, we started to notice that goods were going missing in the supermarket, as well as in the warehouse,” explains Miao Zhang, the Managing Director, 2000 Hotel. “Sometimes we noticed cash was missing from the registers, too.” In addition to this, the hotel was seeking a more efficient way to manage its underground parking lot. “The hotel was using a guard to let people in and out of the parking lot, and to calculate payments. But with more than 500 spaces to look after, this took time, often causing traffic jams as visitors waited to leave. Plus, the parking fees were sometimes incorrect,” explains Jaden. “Consequently, the team decided to explore how technology might be able to help.” Intrusion alarm system The 2000 Hotel chose a complete Hikvision solution, featuring 70 security cameras, a 60-channel intrusion alarm system for the supermarket, and an entrance/exit and payment system for the parking lot. In the corridors of the hotel and in the supermarket, the team installed Hikvision Dome Network Cameras (DS-2CD2145FWD-I). These discreet cameras offer high-quality images, even in low light conditions. In the hotel lobby, the stairwells and in the supermarket, the team installed Hikvision Bullet Network Cameras (DS-2CD2T45FWD-I5), with extended zoom and infrared capabilities that are ideal for these larger spaces. At the supermarket checkouts, the team installed Hikvision Varifocal Bullet Network Cameras (DS-2CD2645FWD-IZS), which feature a motorised varifocal lens for close monitoring of this busy location. Varifocal IR bullet cameras Meanwhile, Hikvision Varifocal IR DarkFighter Bullet Cameras (DS-2CD5A26G0-IZS) were installed at the main entrance of the hotel and the supermarket. These feature a wide dynamic range, ensuring clear images even when the cameras are facing strong light. To protect the supermarket outside of opening hours, the 2000 Hotel installed a complete Hikvision intrusion alarm system. The alarm system contains a PIR sensor (DS-PD2-D15AME), which is installed near the window of the supermarket. If someone intrudes in from the window at night, the system will be triggered and an alarm will be issued. Not only that, there is also a panic alarm station (DS-PEA1-21) in the control room of the supermarket. If an emergency occurs, people can use the tool to realise alarm aid at the first time. ANPR video unit The 2000 Hotel is managing the whole solution through Hikvision IVMS-5200E software Finally, at the entrance and exit of the underground parking lot, the hotel installed the Hikvision ANPR Video Unit (DS-TCG227-A), along with barriers, a card station and an integrated payment system, also from Hikvision. The 2000 Hotel is managing the whole solution through Hikvision IVMS-5200E software. Thanks to the high quality Hikvision technology, live review is very clear, making it ideal to support the investigation of any security incidents. However, since cameras were installed, there have been fewer incidents to deal with. What’s more, the supermarket team are better equipped to respond in the event of an out-of-hours breach. “If an intruder triggers the alarm, the duty manager gets an instant alert on their phone with quick access to relevant footage. This gives them real peace of mind,” says Jaden Huang, the Project Manager from Hikvision. “Indeed, it’s possible to view the status of the whole hotel system from a laptop or phone.” Parking management solution Down in the basement parking lot, the Hikvision parking management solution is working effectively. “Parking has become faster and more automated. For example, barriers will open and close automatically when customers take or insert a card, and parking charges are automatically calculated. And there are no more jams on exit,” confirms Jaden. The 2000 Hotel team are working on a new building in Kigali, with construction almost completed. The plan is to use Hikvision technology here, too. Miao says “Hikvision has provided the 2000 Hotel in Rwanda with world-class video technology that solved a host of our security and operational challenges. They also offer excellent support in one centralised location. We fully appreciate their professional service, and look forward to continuing our working relationship.”