40% of enterprises experienced Office 365 credential theft, report finds

While 80% of organizations use more than the default security provided by Office 365, additional measures are needed to secure enterprise email.


Despite the increased security that cloud-hosted email solutions are thought to provide, an eye-watering 40% of enterprise respondents indicated that Office 365 login credentials have been compromised, according to a survey of 300 companies with more than 5,000 employees in the US and UK conducted by Cyren and Osterman Research, published Monday. On average, across all organizations surveyed, Office 365 credentials were compromised 3.7 times, with incidents more likely in the UK (54%) than in the US (34%).

Remediating compromised Office 365 accounts consumes substantial amounts of staff time, with respondents indicating that their security staff spent 133 hours across all tasks related to addressing the vulnerability, including threat identification, remediation, communicating issues to staff, and related project management tasks. Manual removal of malicious emails by security staff is performed 6.5 times per month, on average, and removal of a single malicious email requires 15 minutes of dedicated security staff time, according to the report.


Two-thirds of enterprises use at least one type of secure email gateway (SEG), with Office 365's Advanced Threat Protection (ATP) the most popular, at 51%. Hardware-based SEG appliances were second-most popular at 49%, while virtual SEGs hosted on public cloud providers such as Azure or AWS and cloud-based email security services were tied for third at 37%, according to respondents. Twenty percent of respondents use no additional security beyond the basic security features included in Office 365.

Malicious emails remain an ongoing security concern. Seventy-one percent of respondents indicated experiencing non-ransomware malware breaches, with an average of 7.2 attacks in the last 12 months. Forty-eight percent experienced phishing, with an average of just over one attack per quarter, while 30% experienced ransomware attacks, at an average rate of 0.9 breaches in the last 12 months.

There's a significant geographical disparity among ransomware victims, with 35% of US respondents falling victim to ransomware, while only 20% of UK respondents experienced this issue.



By James Sanders

James Sanders is a staff technology writer for TechRepublic. He covers future technology, including quantum computing, AI/ML, and 5G, as well as cloud, security, open source, mobility, and the impact of globalization on the industry, with a focus on ...