83% of US organisations have reportedly exposed sensitive data, according to a national survey commissioned by Egress. In the survey, the vast majority of security professionals said that employees frequently do so via email.
Accidental data breaches
Respondents also ranked the top five most common technologies that have led to accidental data breaches. Overall, 51% said that external email services such as Gmail had caused this issue.
However, 46% also said that corporate email was the most common technology when it came to accidental breaches. According to the report, accidental sharing and the use of incorrect email addresses had led to breaches.
Email forwarding of sensitive data was also a common accident. Meanwhile, sharing attachments with hidden content and forwarding data to personal email accounts also led to breaches.
Malicious emails
Another report from Verizon found that 78% of people did not click on a single phishing campaign last year. The research also showed that, on average, 4% of targets in any given phishing campaign will click on the link.
Verizon also found that the more phishing emails someone has clicked, the more likely they are to do so again. “Today when security teams learn about email-borne attacks, for most companies, security incident response is a time-consuming, manual process", Asaf Cidon, VP of Content Security, Barracuda stated.
In fact, it can "take hours or days to identify and remediate, which can often lead to further spread of an attack,” Cidon added. In order to mitigate this threat, Barracuda has announced the introduction of Forensics and Incident Response.
Automated incident response
When it comes to cybersecurity, real-time protection is integral to reducing the consequences of an attack. Barracuda's new solution provides an automated incident response which therefore provides customers with a "faster, more efficient way to find, investigate, and remediate malicious emails."
“Barracuda Forensics and Incident Response allows us to find the emails that slip through the filters and remove them as needed,” Rick Cahoon, Director of Enterprise Security and Support at Wilbur-Ellis stated. Administrators can therefore send alerts to impacted users and remove malicious emails.
"When a suspicious email is reported, we can begin to and sometimes completely remediate the environment quickly. We can identify which users received the email, which users clicked on any bad links, and block future emails from the bad account — all in the same interface,” Cahoon concluded.
How are the motivations of bad actors changing? Listen to our podcast with renowned tech evangelist Dr. Andrew Aken to find out