Study: 80% of organizations faced email breaches in the last year

A recent study reveals that 80% of critical infrastructure organizations fell victim to email-related security breaches last year.

What happened

A new study from Osterman Research and OPSWAT has revealed that 80% of organizations in critical infrastructure sectors experienced an email-related security breach within the past year. The findings point to widespread vulnerabilities in email security practices, with 63.3% of respondents admitting that their current approach to email security requires improvement. 

Going deeper

Email is a primary entry point for cyberattacks, with threat actors targeting vulnerabilities through phishing, malicious links, and harmful attachments. In the surveyed organizations, email-related threats frequently breached defenses, compromising both IT and operational technology (OT) systems. Despite this, more than half of respondents assume emails and attachments are benign by default, underestimating inherent email risks and potentially leaving their networks exposed.

The study found that, per 1,000 employees, organizations faced an average of 5.7 successful phishing incidents, 5.6 account compromises, and 4.4 data leakage events annually. Email-borne threats account for a median of 75% of cyberattacks in critical infrastructure, with up to 100% of threats arriving by email in some cases. Low confidence in current protections was evident, with only 34.4% of respondents fully compliant with relevant email regulations, such as GDPR, and 48% expressing doubts about their security measures’ effectiveness.

What was said

Yiyi Miao, Chief Product Officer at OPSWAT, indicated the need for a zero-trust approach to email security, stating, “The prevalence of email-related breaches poses a significant threat to critical infrastructure organizations, necessitating a shift to a stronger, prevention-based perimeter defense strategy against established communication and data exchange channels.” The study also stated an absence of advanced email security features, with many organizations lacking tools like Content Disarm and Reconstruction (CDR), URL scanning, and anomaly detection for emails.

FAQs

What are email-related security breaches?

Email-related security breaches happen when unauthorized parties gain access to sensitive information or systems through email. This can result from phishing attacks, malware-infected attachments, or weak email security measures. These breaches can lead to data theft, financial loss, and unauthorized access to critical systems.

What is phishing?

Phishing is a type of online scam where attackers disguise themselves as trusted contacts or companies—often through email—to trick people into sharing sensitive information, like passwords or credit card details. These messages often contain links to fake websites or malware attachments.

What is malware?

Malware, short for "malicious software," refers to any software designed to harm, disrupt, or gain unauthorized access to computers or networks. Common types of malware include viruses, ransomware, spyware, and trojans, all of which can compromise data and security.