With 82% of organizations facing an attempted email-based security threat in the past year, the impacts of these attacks are material and potentially harmful to the organization.

We’ve long been preaching about the prevalence of phishing and email-borne attacks. The latest data from the 2019 Email Security Trends Report from email security vendor Barracuda shows what the current state of email attacks looks like.

According to the report, successful email-based attacks are negatively impactful to the business:

  • 48% experienced a loss in employee productivity
  • 36% experienced business downtime and disruption
  • 20% incurred recovery costs
  • 16% experienced a loss of sensitive confidential or critical data

To boot, 28% of organizations say these attacks hurt the reputation of the IT team.

So, surely these organizations didn’t have proper security in place, right? Wrong. They were armed to the teeth – just like your organization:

  • 88% have virus/malware filters
  • 85% have spam filters
  • 68% have email authentication
  • 57% have URL protection
  • And the list goes on…

But the problem isn’t the tech – it’s the user. According to the report, three-quarters of organizations say employees aren’t good at spotting suspicious emails. With 43% of organizations being a victim of a spear phishing attack in the past 12 months, it’s imperative that these employees undergo continual Security Awareness Training mixed with Phishing Testing. It’s the combination of these two services that provide organizations with both a means to educate employees on how to avoid email-based attacks and test employees to make sure they’re becoming more secure in their practices.

Read the original article here: https://blog.knowbe4.com/email-attacks-are-having-a-major-impact-on-business-with-employees-seen-as-a-major-weak-link