IT professionals and threat management were analyzed in a recent report by Ironscales and Enterprise Security Group (ESG). Many tools are being utilized throughout the enterprise to enhance collaboration and communication as employees continue to work remotely or hybrid, and the use of unsanctioned apps adds to the shadow IT problem, increasing potential security risks.

Email remains the top security concern (38%) and is still viewed as the most vulnerable communication and collaboration tool within the enterprise. The research shows that within the past year, phishing attacks (34%) and business email compromise (BEC) scams encompassing wire transfer fraud, payroll fraud and payment fraud (26%) rank among the top threats that have successfully circumvented existing security measures.

Nearly a quarter (23%) of respondents say that their current email security strategy lacks comprehensive security awareness training and assessments. Additionally, a quarter of respondents indicated consistent concern regarding inbound email attacks that evade and breach native security controls.

While many respondents will continue to rely on native security controls provided by their cloud email solution provider, more than a third (34%) report already implementing additional third-party security controls to address these gaps, with another 46% planning to do so in the next 12 months.