Check out the on-demand sessions from the Low-Code/No-Code Summit to learn how to successfully innovate and achieve efficiency by upskilling and scaling citizen developers. Watch now.

Security managers are most concerned with the time it takes to respond to and remediate email threats. According to a new report by Cyren and Osterman Research, organizations are spending an average of 3,850 hours per year cleaning up compromises caused by email-borne attacks. This figure does not include the time spent investigating suspicious messages and removing confirmed threats from mailboxes to avoid additional compromises.

The study confirms that, despite investments in secure email gateways and user security awareness training, bad actors continue to use social engineering emails to breach organizations’ defenses. The resulting attack remediation requires 175 hours to resolve each breach, and the most common breach type is compromised Office 365 login credentials (account takeover).

However, this effort does not include the time spent investigating suspicious message alerts submitted by users and trying to remove confirmed threats from mailboxes before a distracted user falls for the scam. The inability to prevent scams, business email compromise and ransomware via email, and the ensuring time and effort to investigate and respond to threats, is a top concern for IT and cybersecurity leaders.

This bar chart shows the average annual number of breaches from email attacks. 89% of respondents said they've experienced an email breach in the previous 12 months, whereas 11% chose not to disclose.
This chart shows the average annual number of breaches from email attacks.

Most surprising is that the number of breaches caused by emails has increased compared to the previous Osterman Research survey, despite a greater number of cybersecurity staff per 1,000 email users (17 in 2022 compared to 2 in 2019).


Intelligent Security Summit

Learn the critical role of AI & ML in cybersecurity and industry specific case studies on December 8. Register for your free pass today.

Register Now

The report includes responses regarding organizations’ defenses against and responding to threats and compromises caused by malicious emails delivered to Microsoft 365 users. Osterman Research surveyed 226 organizations during February 2022 using a combination of online and telephone surveying. Respondents represent organizations across industries in the United States and the United Kingdom with an average of 3,862 employees.

Read the full report by Cyren and Osterman Research.

VentureBeat's mission is to be a digital town square for technical decision-makers to gain knowledge about transformative enterprise technology and transact. Discover our Briefings.