Email continues to be the most popular attack vector, via organizations at their email perimeters, from inside the organization (through compromised accounts, vulnerable insiders, social engineering) or beyond the organization’s perimeters (the domains they own and their brands via impersonation). Cyber threat actors and threat groups are continuously researching and testing out new tactics, techniques, and procedures (TTPs) in an attempt to overcome and exploit this increasingly sophisticated and complicated technology.
To add to the complexity, many global corporations have been forced to adopt remote working policies for office-based employees to help ensure the safety of the workforce during the COVID-19 pandemic, and threat actors have followed them home. An increase in the variety and volume of attacks is inevitable given the desire of financially and criminally-motivated actors to obtain personal and confidential information. The annual State of Email Security report 2020 gives you an overview of the current landscape we are all facing and a guide to help drive continuous improvement to your cyber resilience strategy.
Staying secure against ransomware isn’t just about having the latest security solutions. People are invariably the weakest link in cyber security, with human error causing 90% of cyber data breaches in 2019 according to government figures, and cybercriminals are experts at exploiting normal human behaviours for their own personal gain. Therefore, good IT security practises are essential components of every organisation’s security setup.