Cost of Email-borne Security Attacks Exceeds $1 million

Barracuda Networks Inc., a provider of cloud-first security solutions, publishes today its 2023 Email Security Trends report that shows how email-based security attacks affect organizations globally. Seventy-five percent of the organizations surveyed for the report had fallen victim to at least one successful email attack in the last 12 months, with those affected facing average costs of more than $1 million for their most expensive attack. Twenty-three percent said the cost of email-based attacks has risen dramatically over the last year.

The Barracuda commissioned survey, conducted by independent research firm Vanson Bourne, questioned IT professionals from frontline to the most senior roles in companies with 100 to 2,500 employees, across a range of industries in the United States, Europe, the Middle East and Africa (EMEA) as well as Asia-Pacific (APAC) countries.

The fallout from an email security attack can be significant. The most widely reported effects were downtime and business disruption (affecting 44 percent of those that had been hit), the loss of sensitive, confidential, and business-critical data (43 percent), and damage to brand reputation (41 percent).

There were notable differences among industries. For example, financial services organizations were particularly affected by the loss of valuable data and money to attackers (cited by 59 percent and 51 percent of victims, respectively), while in manufacturing the top impact was the disruption of business operations (53 percent). For health care institutions the recovery costs involved in getting systems up and running again quickly were the most significant (44 percent).

Regardless of size or industry, however, organizations with more than half their employees working remotely faced higher levels of risk and recovery costs.

Organizations also feel underprepared to deal with the threat of malware and viruses (34 percent), advanced email attacks like account takeover (30 percent) and business email compromise (28 percent), and even more basic threats like spam (28 percent).

“Email is a trusted and ubiquitous communications channel, and that makes it an attractive target for cybercriminals. We expect email-based attacks to become increasingly sophisticated, leveraging AI and advanced social engineering in their attempts to get the data or access they want and evade security measures,” said Don MacLennan, SVP, Engineering & Product Management, Email Protection, Barracuda. “Email-based attacks can be the initial access point for a wide range of cyber threats, including ransomware, information stealers, spyware, crypto mining, other malware, and more. It is not surprising that IT teams around the world don’t feel fully prepared to defend against many email-based threats. Growing awareness and understanding of email risks and the robust protection needed to stay safe will be key in keeping organizations and their employees protected in 2023 and beyond.”

To get a copy of the report: https://barracuda.com/email-security-trends-report-2023. Check out Barracuda’s blog post on the topic: http://cuda.co/blg020823. For more information, visit barracuda.com.