A recent Outbound Email Security Report from Egress found that, despite businesses' work to protect the external layer of their business from threats, human error is a leading cause of data breaches. This human error often comes from employees and can lead to misdirected email breaches and phishing attacks.
Here are a few stats from the report:
- 80% of organizations report sensitive data being put at risk due to the wrong recipient being added on an outbound email;
- 80% of organizations responding report that the wrong file had been attached;
- 80% said that employees had put sensitive data at risk by replying to a spear phishing email.
In addition, organizations reported an average of 180 incidents per year when sensitive data was put at risk, equating to approximately one every 12 working hours. More than three quarters of respondents (75%) cite situational factors as responsible for their most severe email data breach, for example remote working or an employee feeling stressed/tired.
Tony Pepper, CEO of Egress, said “Historically, many organizations have focused on securing their business from external threats such as hackers or phishing attacks. However, many are beginning to wake up to the fact that their biggest vulnerability exists inside the business – it’s their people. Human error is an inevitability – people make mistakes, and those mistakes can cause a data breach. From sending an email to the wrong person to adding the wrong file as an attachment, simple errors can have significant consequences for organizations. It’s time for organizations to get on the front foot with this issue and ensure that they have measures in place to prevent it. Advances in machine learning have meant that technology can mitigate many of the risks involved with insider data breaches. Education can only go so far – organizations must put a technical safety net in place for their employees.