Enterprise Strategy Group Report Exposes Inadequate Protection of Legacy Email Security Against Evolving Threats

The recently released Armorblox and Enterprise Strategy Group (ESG) report reveals a concerning trend in the inability of legacy email security solutions to effectively protect against a range of threats. Legacy email security solutions lack of capabilities raises concern over the proper ability to protect organizations against a wide range of targeted threats. The ESG report highlights how these primary security controls are falling short: inaccurately stopping spam, malware, phishing, and BEC attacks, a significant belief from respondents that misaddressed emails bypassed primary email security solutions, and lack of trust in legacy tools’ ability to safeguard against accidental or malicious data loss.

## Targeted Threats Continue to Bypass Legacy Security Layers

Respondents indicated that spam/malware (39%) and phishing attacks (34%) evaded these primary security controls, indicating that current solutions are not sufficiently equipped to detect and prevent these types of threats. Furthermore, over a quarter of respondents believe misaddressed emails bypassed primary email security solutions, highlighting a weakness in protecting against accidental data loss.

The data also highlights the prevalence of more sophisticated attacks, such as wire transfer fraud, payroll fraud, payment fraud, and other BEC attacks, and suggests the lack of current security measures not keeping pace with the evolving tactics used by cybercriminals –– as over a quarter of respondents believe these attacks were able to penetrate security controls. Also concerning is the  percentage of respondents who indicated threats that resulted in unintentional sensitive data leakage and internal account compromise/takeover.

![](https://a.storyblok.com/f/52352/1684×704/d3d67fa3f9/esg-blog-\_-05-18-fig-1-2x.png)

*Fig 1: Threats likely to have penetrated controls over the past year \[source: Enterprise Strategy Group, a division of TechTarget, Inc. eBook, The Freedom to Communicate and Collaborate, April 2023.\]*

## Better Data Leak Protection & Improved Native Email Filters Remain Focus for Organizations of All Sized

The data captured by Armorblox and ESG highlights the top priorities going into the next year for communication and collaboration security controls across organizations. 

Smaller organizations are showing a focus on the importance of protecting against both insider threats and external cyber attacks. For organizations with 100-499 employees, 21% of respondents will prioritize improving unintentional sensitive data leakage detection and prevention due to employee error, while 37% will focus on improving spam and malware filtering.

For organizations with 500 – 4,999 employees, (20%) will prioritize the need to improve unintentional sensitive data leakage detection and prevention due to employee error, while 36% will prioritize improving spam and malware filtering.

Interestingly, for organizations with 5,000 or more employees, 30% will prioritize improving unintentional sensitive data leakage detection and prevention, while only 23% will focus on improving spam and malware filtering. It is possible that these organizations already have established security measures in place, or they may have different security priorities altogether.

![](https://a.storyblok.com/f/52352/1684×616/f9a6828ba2/esg-blog-\_-05-18-fig-2-2x.png)

*Fig 2: Organization’s priorities for communication and collaboration security controls over the next 12 months \[source: Enterprise Strategy Group, a division of TechTarget, Inc. eBook, The Freedom to Communicate and Collaborate, April 2023.\]*

Protecting against insider threats and external cyber attacks should be a key focus for organizations who are looking to safeguard sensitive data and maintain trust with their customers and stakeholders. Regardless of organization size, these priorities maintain top concerns for implementing better communication and security controls, and improved native email filters remain critical concerns.

### **Read the full analysis of the challenges that organizations face in securing their communication channels by downloading the full ESG report.**

Recent Posts

CRM Backup Trends to Watch on World Backup Day

With World Backup Day approaching, many organizations are increasing their attention to potential security threats and blindspots in their backup…

2 hours ago

Exclusive: Waffle House Risk Index 1.0 Open For Public Comment Period

In collaboration with the WF Command Center, AZT has developed a new risk index designed to simplify communication associated with…

2 hours ago

Industrial Enterprise Operational Technology Under Threat From Cyberattacks

One in four industrial enterprises had to temporarily cease operations due to cyberattacks within the past year, suggesting operational technology…

3 hours ago

Is your roadmap prioritizing memory safe programming languages?

Cybersecurity agencies from five different national governments put out a plea in December for developers to use memory-safe programming languages.…

5 hours ago

Prioritizing Vulnerabilities: A Growing Imperative

Did a security breach just become your biggest nightmare? It’s a harsh reality for many companies. A whopping 76% of…

5 hours ago

Linux Kernel Privilege Escalation Vulnerability (CVE-2024-1086) Alert

NSFOCUS CERT has detected that details and a proof-of-concept (PoC) tool for a Linux kernel privilege escalation vulnerability CVE-2024-1086, have…

6 hours ago