Mimecast has announced the results of its third quarterly Email Security Risk Assessment (ESRA) that noted a continued challenge of securing organizations from malicious attachments, dangerous files types, impersonation attacks, as well as spam – with nearly a quarter of “unsafe” email being delivered to users’ inboxes. Among the email security services assessed, the tests found that using Mimecast in conjunction with prominent cloud-based email service providers, including Google G Suite and Microsoft Office 365, would substantially improve results by blocking thousands more email-borne attacks. The report indicates the need for organizations to enhance their cyber resilience strategies for email with a multi-layered approach that includes a third-party security service provider.
“To achieve a comprehensive cyber resilience strategy, organizations need to first assess the actual capabilities of their current email security solution. Then, they should ensure there’s a plan in place that covers advanced security, data management and business continuity, as well as awareness training to the end user, which combined help prevent attacks and mitigate business impact,” said Ed Jennings, chief operating officer at Mimecast. “These quarterly Mimecast ESRA reports highlight the need for the entire industry to work toward a higher standard of email security.”
To date, Mimecast’s ESRA reports have inspected the inbound email received for 62,323 email users over a cumulative 428 days. More than 45 million emails were inspected, all of which had passed through the incumbent email security system in use by each organization – of this, 31 percent were deemed “unsafe” by Mimecast. These assessments have uncovered more than 10.8 million pieces of spam, 8,682 dangerous file types, 1,778 known and 503 unknown malware attachments and 9,677 impersonation emails to date.
Many organizations have a false sense of security believing that a single cloud email vendor can provide the appropriate security measures to ensure protection from email threats. This quarterly ESRA report strongly indicates the need for organizations to consider third party email security services to more effectively secure their email and increase their overall cyber resilience.