No less than 88% of South African companies could have experienced phishing attacks in the past year. This is revealed in the third-annual State of Email Security report by Mimecast, a leading email and data security company.
The report includes insights from 1,025 global IT decision makers. As cybercriminals continue to use email as a primary vehicle to steal data and deliver advanced threats, the results of this research provide insights and trends around what’s affecting organisations the most and how they can improve their overall security posture.
Social engineering attacks are a rising concern for organisations, because they’re often one of the most difficult to control. Most notably, the report found that impersonation attacks increased by nearly two-thirds (62%) in comparison to the results in last year’s report. 69% of those organisations impacted by impersonation attacks experienced a direct loss, specifically loss of customers (27%), financial loss (20%) and data loss, which 27% of South African respondents cited as the thing that hurt their organisations the most. Phishing attacks were the most prominent, with 88% of South African respondents having experienced this attack in the previous 12 months, and 53 percent cited seeing an increase in this type of attack over the same time period.
Not only are email-based attacks on the rise, but they’re affecting how confident people are in their organisation’s cybersecurity defenses – and ultimately the ability to do their jobs. According to the report, 51 percent of South African respondents believe it is likely or inevitable their organisation will suffer a negative business impact from an email-borne attack this year. The report also found that business-disrupting ransomware attacks are up 23 percent in comparison to last year. Forty-three percent of respondents noted having downtime for two to three days, while a third experienced downtime of four to five days.
“Email security systems are the frontline defense for most of attacks. Yet, just having and providing data on these attacks is not what creates value for most respondents,” said Josh Douglas, vice president of threat intelligence at Mimecast. “Survey results indicate that vendors need to be able to provide actionable intelligence out of the mass of data they collect, and not just focus on indicators of compromise which would only address past problems. The Mimecast Threat Analysis Center was also able to identify the top 5 global industries being impacted by impersonation attacks which closely aligned with the findings in the report. Financial, Manufacturing, Professional Services, Science/Technology as well as Transportation Industries are top targets. Understanding these key pain points helps organisations build a more comprehensive cyber resilience plan.”