Email security threats remain a pervasive issue for organizations large and small, according to a Tuesday report from Barracuda. Some 87% of IT security professionals said their company experienced an attempted email-based threat in the past year, while 35% said they have been hit by a ransomware attack, the report found.
Of the 634 executives and team members serving in IT security roles surveyed worldwide, 88% said the threat of ransomware remains a concern. Of those who were victims of ransomware in the past, 75% said that the attack originated via email. Another 32% said the attack originated via web traffic, while 23% said network traffic, according to the report.
With these rampant threats, IT security professionals agree on the necessity of employee training for protecting organizations against email-based attacks. All respondents said that end-user training is important to prevent attacks. However, that training is broken, and 98% of respondents said that there were better ways to train employees than traditional classroom-style education.
SEE: Electronic communication policy (Tech Pro Research)
Here are the four best ways to train employees on cybersecurity, according to the IT security pros surveyed:
1. Customized examples that are relevant to an employee's department and role (54%)
2. Unscheduled simulations of typical attacks (51%)
3. Training modules that employees can complete at their convenience (47%)
4. Rewards for those who take the right actions (28%)
For more tips on how to train employees on cybersecurity, click here.
Whatever training you decide to implement, a multi-layered approach to cybersecurity is critical for protecting any organization, and its employees, applications, and data.
Of companies that have been hit by ransomware, only 12% claim to have actually paid the ransom to unlock their files, the report found, while 88% said they did not pay. Large enterprises were more likely to pay up than small and mid-sized businesses. This is a bit surprising given past reports on companies paying exorbitant amounts to regain access to their systems, and could be a sign that more companies have backup solutions in place to recover critical data on their own, without paying, the report suggested.
As more organizations move to the cloud, the report also examined opinions around Office 365 email security. Larger businesses reported more concern about this than smaller businesses, perhaps because they have more data at risk on the platform, with broader deployments that include SharePoint, OneDrive, and other applications, the report noted.
For more tips on how to avoid ransomware attacks, click here.
Building a slide deck, pitch, or presentation? Here are the big takeaways:
- 87% of IT security professionals said their company faced an email-based security threat in the past year. — Barracuda, 2018
- 35% of IT security professionals have experienced a ransomware attack. — Barracuda, 2018
- 17 tips for protecting Windows computers and Macs from ransomware (free PDF) (TechRepublic)
- Atlanta, hit by ransomware attack, also fell victim to leaked NSA exploits (ZDNet)
- Cheat sheet: How to become a cybersecurity pro (TechRepublic)
- Android Security and Privacy Starter Kit (Download.com)
- How to avoid ransomware attacks: 10 tips (TechRepublic)
Alison DeNisco Rayome has nothing to disclose. She does not hold investments in the technology companies she covers.
Alison DeNisco Rayome is a Staff Writer for TechRepublic. She covers CXO, cybersecurity, and the convergence of tech and the workplace.