Phishing attacks on the increase
Almost half of South African businesses have seen a sharp increase in targeted spear-phishing attacks in the past year.
This is according to Mimecast's second annual 'State of Email Security' report, which identifies the latest e-mail-borne threats facing industries and organisations of all sizes globally.
Mimecast conducted the research with Vanson Bourne on the state of organisations' cybersecurity, their expectations and needs, and what attacks they've seen an increase in.
Of the 800 global IT decision-makers surveyed, 85% have seen an increase in phishing attacks in the last 12 months, while a further 50% anticipate that they will suffer a negative business impact from an e-mail-borne attack this year.
Constantly evolving attacks
Peter Bauer, CEO of Mimecast, explains: "E-mail-based attacks are constantly evolving, and this research demonstrates the need for organisations to adopt a cyber resilience strategy that goes beyond a defence-only approach. This is more than just an IT problem. As per our research, most organisations say the internal threats are driven by careless employees (87%), compromised accounts (75%) or malicious insiders (68%)."
Bauer says, given these alarming figures, cybersecurity should be made top priority within the C-suite. "This requires an organisation-wide effort that brings together many stakeholders, puts the right security solutions in place and empowers employees, from the C-suite to the reception desk, to be the last line of defence.
"We found that only 12% of the surveyed organisations continuously train employees on how to spot cyberattacks, while a mere 40% feel that training staff is the best way to protect their organisation from e-mail-based cyberattacks. In addition, 46% admitted their management teams are not knowledgeable enough to identify and stop an impersonation attempt."
SA's biggest security concern
Similarly, the South Africa Phishing Response Trends Report, released earlier this year, found that local companies are at higher risk of data breaches stemming from phishing scams.
According to the report, a surge in e-mail-related threats are SA's biggest security concern. "More than 60% of the 100 companies surveyed have faced an e-mail threat more than once and nearly 20% of respondents received more than 500 suspicious e-mails weekly.
"Furthermore, nearly all respondents already have one security layer in place, with many respondents having more than four security layers in place. Around 95% of surveyed IT professionals plan to upgrade their phishing response and prevention," stated the report.
Simeon Tassev, MD and qualified security assessor at Galix Networking, notes that more local companies are gradually seeing the benefits of investing in cyber security initiatives: "2017 saw a boom in ransomware attacks and 2018 is likely to see more. Ransomware is now considered a thriving industry in shady circles, one which is driven by the thriving cryptocurrency market. Security awareness will be critical to organisational cyber security strategies; however, they may not be enough to combat attacks as they evolve."