Intelligent CISO Issue 72 | Page 27

EDITOR ’ S question

HOW CAN ORGANISATIONS

ENSURE A PROACTIVE AND COMPREHENSIVE APPROACH TO EMAIL SECURITY THAT MINIMISES RISK AND ALLEVIATES STRESS ?

rganisations remain vulnerable to

O advanced phishing attacks , human error and data exfiltration , according to Egress ’ Email Security Risk report . A majority ( 93 %) of the cybersecurity leaders who were surveyed for this report stated their organisation had suffered an email security incident in the last 12 months , while 99 % of cybersecurity leaders admitted to being stressed about email security .

Further research from the adaptive cloud email security company highlights that organisations remain highly vulnerable to outbound security risks . The 500 cybersecurity leaders who were independently surveyed for the report revealed their organisations remain vulnerable to outbound data loss and exfiltration by employees . They also shared that they are reliant on legacy approaches to preventing these incidents , depending on static email data loss prevention ( DLP ) and retrospectively inspecting audit logs to alert them to incidents that have already happened . damage . Over half ( 58 %) had to cease operations while incidents were investigated , impacting organisational efficiency and the bottom line . In 49 % of organisations , client relationships were damaged from breached confidentiality , and just under one-quarter ( 22 %) lost customers .
Phishing threats of the future
Phishing continues to evolve as cybercriminals work to further automate and improve their tactics . Nearly three-quarters ( 72 %) of surveyed cybersecurity leaders said they were concerned about the use of AI to craft better phishing emails and campaigns . There ’ s potential for AI-powered chatbots to rapidly produce an increased volume of highly convincing phishing emails and for deep fake technology to add video and voice capabilities that can be used in combination with text-based phishing and as part of vishing attacks .
In its Email Threat Landscape 2024 report , outbound email is a source of breaches for almost every organisation – 91 % of the surveyed cybersecurity leaders stated their organisation had experienced security incidents caused by outbound email data loss within Microsoft 365 in the last 12 months . Overall , these incidents were a result of employees breaking the rules or making mistakes while simply trying to get their jobs done , with the top three causes :
• Exfiltrating data for work purposes , such as sending data to personal accounts
• Accidentally sending emails and files to an incorrect recipient
• Exfiltrating data for personal gain , for example taking data to a new job
Every organisation that had its internal information barriers breached experienced disruption and
WWW . INTELLIGENTCISO . COM 27