The State of Email Security Report 2019

With email being the largest single attack vector on the planet, Mimecast understands the risks your organization faces when trying to defend against the daily scourge of threats; inbound, outbound and even internal too. We get this because we’ve been there. We use our knowledge from these experiences as fuel to help organizations keep their most prized assets safe.

Keeping your organization secure and productive shouldn’t be so hard. We’ll be the first to admit that we’ve got a pretty lofty goal when it comes to helping keep your organization safe through better email security and awareness, but we know it’s possible because we’ve done it before—and we do it every day for more than 34,000 clients.

We’re able to aid in this success because we understand organizations need more than just security: they need a cyber resilience plan. What is cyber resilience? The Cyber Resilience Think Tank—an independent group of cybersecurity experts and thought leaders—defines it as: “An organization’s capacity to adapt and respond to adverse cyber events – whether the events are internal or external, malicious or unintentional – in ways that maintain the confidentiality, integrity and availability of whatever data and service are important to the organization.”

Of course, no great plan was ever constructed without data. To help you create that plan, we’re thrilled to offer you the third annual State of Email Security (SOES) report that you can use as a reference for trends and risks that could impact your organization based on the latest research.

Think of the SOES report as your go-to guide that will help you shape your email security plan. The information provided here should help you take action and make effective, results-driven decisions about your own internal practices and policies. And, you can use the year-over-year results to benchmark trends that are key to your
organizational success.

Through this report, we’re investigating the most pervasive types of email threats, how security professionals perceive them and what they’re doing to combat them. Most importantly, you’ll get a list of actionable steps to improve your organization’s own email security and cyber resilience.

How this information was collected

Research firm Vanson Bourne conducted a Mimecast-commissioned global survey of 1,025 IT decision makers to gain useful insights into their experiences and outlook on the current state of email security. These participants were interviewed from December 2018 through February 2019 across the US, UK, Germany, Netherlands, Australia, South Africa and United Arab Emirates.

The key areas of focus included:

• Advanced Threats in Email
• Business Email Compromise
• Phising & Spear-phishing
• Malware
• Insider Threats
• Ransomware
• Business Disruption
• Awareness Training
• Threat Intelligence
• Resilience Strategies