echo ''

Virtru Security Insights

Join 10,000+ Security Professionals Who Receive Our Content Every Month

4 Enterprise Email Security Statistics That Might Scare You Straight

July 28, 2015

For far too many businesses, email security isn’t an issue until it suddenly is. Often, businesses won’t take threats against email seriously, believing that big data breaches only happen to large companies. Alternatively, many larger enterprises assume that email security is just something that’s already being taken care of — after all, if you have a security policy in place and you take care to remind your employees of best practices, what’s to worry about?

Yet, the reality is that 60% of companies have experienced a data breach of some kind in the last two years — many of which can be directly traced back to poor email security practices.

Your employees’ inboxes are potential gateways to your business, housing confidential information about your company, your employees, and your customers. If the vulnerability of that data doesn’t already have you worried, these 4 statistics might get you to take a much closer look at your company’s email security habits.

1. 87% of Senior Managers Upload Business Files to a Personal Email or Cloud Account

It doesn’t matter how strong your security standards are, or how much money you’ve dumped into the fanciest, most secure cloud storage systems — often, if they are too difficult or inconvenient for users to deal with, they just won’t use them.

We’d all like to think that those that hold upper management positions in our businesses have higher standards, especially when it comes to security, but the statistics don’t lie. In a Stroz Friedberg survey, almost three-quarters of office workers admitted to uploading their business files to personal accounts — and senior managers were even worse, with 87% of them failing to use their company’s servers to store sensitive company documents.

But wait! It gets worse: the same survey found that 54% of lower-ranking employees and 55% of those in senior leadership positions believe that security is IT’s problem — not theirs. Considering that all it takes is a single employee to send an unencrypted email with HIPAA-protected information in it for your company to eat a hefty fine, you might want to start a conversation about email security at your company.

2. Email Malware Creation is up 26% Year Over Year, with 317 Million New Pieces of Malware Created in 2014

In the 2000s, it seemed like there was always a new worm or trojan floating around in the wild. Looking back, that’s not all that surprising, considering most people had to be reminded on a near-constant basis that opening attachments wasn’t a good idea, and that there really wasn’t a nice man from Switzerland that was dying to give you a million dollars.

But that’s not a problem anymore, right? Wrong — in fact, there are more pieces of malware circulating now than there ever have been in the past. There are over 1.7 billion pieces of malware out there at the present that could potentially infect your inbox, and all it takes is one to put your company’s data at risk. Just one employee getting infected by a keylogger — a piece of software that, as the name implies, records your keystrokes — could lead to all sorts of havoc. While passwords are obviously vulnerable to such an attack, so are credit cards, social security numbers, and any other bit of information that an employee might type in a given day.

Think your expensive enterprise antivirus software will protect you? Probably not, as over a million new pieces of malware are injected into the wild daily, many of which manage to go undetected for weeks.

3. Hackers Targeted 5 out of 6 Large Companies Using Email Attacks Last Year — an Annual Increase of 40%

If your business has over 2,500 employees, consider yourself a prime target. While small and medium-sized businesses certainly face many email security threats, large businesses tend to be bigger targets simply because of their size. With more employees come more potential vulnerabilities — and a bigger payoff if you’re able to snag a password to an email account. This is why spear phishing is such a serious threat to large corporations. In a spear phishing attack, a large batch of phishing emails are launched against a specific organization, usually by blanketing an entire domain with emails targeted at overeager employees.

Investigators now suspect that a spear phishing attack might’ve been how hackers gained access to Sony Pictures last year. Stuart McClure, CEO of Cylance, alleged that the attack was due to a phishing attack targeted at Apple IDs. Once a user with sufficient credentials was tricked, hackers had a way into Sony’s servers.

4. Cybercrime has a 1,425% ROI

Crime might not pay, but cybercrime absolutely does. While “hacktivists” might be motivated by politics or bringing about social change, there’s no denying that money is the primary motivator for most hackers. From ransomware to stealing credit card numbers, there are plenty of ways for black hat hackers to take advantage of your poor security practices to make a quick dime.

With such a huge monetary return for hackers, you don’t have to be a huge corporation or a big-time brand to become a target. In fact, attacks against small businesses (who don’t necessarily have the IT and security resources of a larger corporation) are becoming more frequent.

This is especially true for attacks against email, as smaller companies usually don’t put as much thought into their inboxes, believing that email security is just something that will natively be taken care of for them by their vendor.

How Virtru Can Protect Your Email Security

If you want to dial up your company’s email security practices, your best bet is to embrace email encryption. When you encrypt your email, the data within is scrambled, readable only to those with the proper key.

In the past, adopting encryption meant fiddling with digital certificates and juggling private and public keys, but with Virtru, all you need is a login and a plugin. Once Virtru is installed every email you send can be effortlessly encrypted with the flip of a switch. Virtru provides effortless client-side encryption, meaning that not only is your data hidden from hackers, it’s hidden from everyone else as well, giving you complete control over your inbox.

Are you ready to get serious about email security? Download Virtru today for free and see how easy it is to protect your inbox.