ChannelLife India - Industry insider news for technology resellers
India
Guides
#
cloud services
#
cybersecurity
#
distributors
#
microsoft
#
partner programmes
Search
Story image
#
Advanced Persistent Threat Protection
#
Cybersecurity
#
Email Security

Report: 80% of critical infrastructure hit by email breaches

Yesterday
Author image
By Shannon Williams, Journalist

OPSWAT has released a report detailing significant vulnerabilities in email security among critical infrastructure organizations, with 80% experiencing a related breach in the past year.

This report, titled "2024 Report: Email Security Threats Against Critical Infrastructure Organizations," was conducted by Osterman Research, a firm specialising in IT security and data management trends.

The study involved a survey of IT and security leaders within critical infrastructure industries. It revealed that despite advances in cybersecurity, 48% of the organisations surveyed lacked confidence in their existing email security measures. Additionally, 63.3% of respondents recognised the need to improve their email security strategies.

Email is a ubiquitous tool for communication and productivity, but it is also a key vector for cyber threats. Attackers often exploit vulnerabilities through phishing attempts, malicious links, and harmful attachments. These email-based threats, once infiltrated, can spread across networks, jeopardising both IT and operational technology (OT) environments. Alarmingly, more than half of respondents believed email messages and attachments to be benign by default, underestimating the risks associated with email communication.

Yiyi Miao, Chief Product Officer at OPSWAT, highlighted the urgency of adopting a zero-trust approach to email security. Miao stated, "This lax approach from survey respondents emphasises the need to adopt a zero-trust mindset.

"The prevalence of email-related breaches poses a significant threat to critical infrastructure organisations, necessitating a shift to a stronger, prevention-based perimeter defence strategy against established communication and data exchange channels," he said.

The report's key findings include:

  • Critical Infrastructure as a Target: 80% of critical infrastructure entities fell victim to email-related security breaches in the past 12 months, demonstrating their appeal to cyber criminal actors.
  • Persistent Vulnerabilities: Despite advancements in cybersecurity, 48% of organizations continue to lack confidence in their email security defences, leaving them open to potential cyberattacks.
  • Non-compliance Risks: A striking 65% of organisations do not meet regulatory standards, exposing themselves to significant operational and business risks.

The survey also identified a significant gap in advanced email security measures that could prevent threats from reaching users' inboxes. Notably, many organisations lacked essential mechanisms such as Content Disarm and Reconstruction (CDR), URL scanning for malicious indicators, and anomaly detection within email messages.

The report showed that organisations are increasingly acknowledging the necessity of bolstering their email security measures. In response to these challenges, OPSWAT has reaffirmed its commitment to providing critical infrastructure organisations across a wide range of industries and sectors with advanced, prevention-based cybersecurity solutions.

Follow us on:
Follow us on LinkedIn Follow us on X
Share on:
Share on LinkedIn Share on X
Related stories
AI & quantum computing: progress & future challenges
Radware named major player in IDC MarketScape WAAP report
Salesforce unveils Agentforce Partner Network to delivery specialised AI agents
Collaboration gaps threaten security, Skybox Security report finds
NinjaOne offers free tools to MSPs amid market pressures
Top stories
Crowdstrike unveils major Falcon Platform updates to streamline IT departments
Gartner study: 30% of enterprises to automate network by 2026
Tenable launches advanced solution for highly secure systems
HPE introduces ProLiant DL145 Gen11 server for edge efficacy
Veeam names Niraj Tolia new CTO after acquiring Alcion