Nearly a quarter of delivered emails unsafe

Nearly a quarter of unsafe emails are passing undetected through organisations’ email security systems and being delivered to users’ inboxes, according to the latest quarterly Email Security Risk Assessment (ESRA) report from Mimecast.

For the report, Mimecast inspected more than 45 million emails over 428 days — all of which had passed through existing email security controls.

The company found that nearly 11 million of these — or 24.2% of the total — were either bad or likely bad.

The vast majority (more than 10.8 million, or 99.8%) of these were spam messages, but the false negatives also included 8682 dangerous file types, 1778 known and 503 unknown malware attachments and 9688 impersonation attacks.

The report found that even some of the top email cloud providers are missing commonly found advanced security threats and leaving their customers vulnerable to attack.

Mimecast commissioned research from Forrester Consulting late last year which found that only 5% of respondents are very confident in the overall security capabilities of their chosen email cloud provider, yet many do not have third-party email security services in place.

“To achieve a comprehensive cyber resilience strategy, organisations need to first assess the actual capabilities of their current email security solution,” Mimecast COO Ed Jennings said.

“Then, they should ensure there’s a plan in place that covers advanced security, data management and business continuity, as well as awareness training to the end user, which combined help prevent attacks and mitigate business impact.”

Follow us on Twitter and Facebook