Email might be the most important tool for every enterprise today, but it’s also becoming a weak link in terms of cybersecurity. According to a new study by network security giant Cisco, the hybrid workforce was targeted with more than 100 million email threats on a daily basis in September 2021 alone. Additionally, malicious remote access attempts grew by 2.4 times, the report said.
The Cisco study, which is part of the Global Hybrid Work Index, took into consideration data from aggregating anonymized customer data points from the company’s platforms. This includes video conferencing app Webex, networking platform Meraki and security platforms Talos, Duo and Umbrella, among others. A total of 39,000 respondents across 34 countries took part in the study.
“With a higher percentage of users outside the campus network, attacks are posing a greater risk to organizations. Email is still one of the most common attack vectors,” the report said.
Phishing- the go-to tool for cybercriminals
An August 2021 report by research firm Market Research Future (MRFR) said the email security market could grow to $6.8 billion by 2025, a compounded annual growth rate (CAGR) of 16.2% between 2021-2025.
In fact, phishing attacks, one of the oldest methods of email-based cybercrime, shows no signs of slowing down. Another September 2021 study by security firm Sophos showed that 83% of Indian organizations saw increased phishing emails targeting their employees in 2020.
There is no dearth of research to show that phishing and email security still needs to be on the topmost agenda for CISOs. A February report by the Anti-Phishing Working Group (APWG) showed that January clocked 2.45 million phishing attacks, an unprecedented high, while IBM X-force’s 2021 Threat Intelligence Index published in the same month showed a 33% spike in phishing related incidents.
“Phishing has been around for over 25 years and remains an effective cyberattack technique. One of the reasons for its success is its ability to continuously evolve and diversify,” said Chester Wisniewski, principal research scientist at Sophos.
How to mitigate?
In order to mitigate email threats, Cisco advised that enterprises utilize a platform approach, where an extended detection and response mechanism (XDR) can be used to detect malware or attacks once and block them across multiple channels. XDR refers to an email security protocol that automatically collects and correlates data across many layers, including the network, cloud workloads, endpoints, server and emails.