Mimecast Limited, a leading provider of email protection and cyber resilience, recently announced the release of its “The State of Email Security” survey. As per the survey, companies faced unparalleled cybersecurity risk in 2020 as a result of the growing attack scale, a pandemic-driven digital transition of work, and overall inadequate cyber preparedness and training.

The fifth annual “The State of Email Security” study is centered on a global survey of 1,225 information technology and cybersecurity experts, and it is backed up by Mimecast's Threat Center result, which tracks over one billion emails every day.

Increasing Threat of Ransomware

In 2020, 86 % of responders said their businesses have suffered a market interruption, loss of income, or another setback as a result of insufficient cyber preparedness. Respondents described ransomware as the primary cause of these disturbances. Such observations include:

In the UAE, 78% said they had been affected by ransomware in 2020, a significant improvement from 66% in last year's "The State of Email Security" survey.

Companies affected by ransomware missed an average of six business days due to device slowdown, with 29% of businesses in the UAE reporting downtime lasting one week or longer.

Only 44% of ransomware affected people who paid threat agent ransom demands, but only 44% were able to retrieve their files. After paying the ransom, more than half of those who paid it never received their records again.

“The ransomware crisis rages on, and responses to and outcomes of recovery differ greatly. Many businesses are opting to pay ransoms rather than risking extensive market downtime and excessive consultancy costs by doing self-remediation — but this comes with its collection of threats, such as threat actors failing to keep their end of the agreement.

“Paying ransom often makes businesses an attractive target for additional attacks because they've shown a willingness to pay,” said Josh Douglas, vice president of Threat Intelligence.

Threat Actors take advantage of the pandemic

Although ransomware was a major issue for businesses in 2020, it was not the only one. Additional vulnerability patterns reported in Mimecast's "The State of Email Security" survey include:

· The volume of threats has increased by 64% year on year.

· Email use has increased in seven out of ten businesses.

· 40% of people surveyed reported an uptick in email spoofing behaviour.

In the UAE, 88% are worried about the threats faced by archived communications from teamwork platforms, in comparison to 71% internationally.

Both of these data sets can be traced to the pandemic: working from home expanded email and communication platform use, and threat actors capitalized on the emerging "digital workplace" with large waves of COVID-19-related social engineering attacks.

Lack of cyber preparedness

While facing an increased threat number, the study discovered that businesses are not performing well in terms of threat reduction. Such noteworthy results, along with 86% of local people who have experienced an absence of cyber readiness (compared to 79% worldwide), include:

In the UAE, half of those polled said their companies fell behind in one or two crucial areas of email protection infrastructure (comparison to 40% globally), leaving workers vulnerable to phishing, ransomware, company email compromise, and other threats.

Employee naiveté regarding cybersecurity is among the UAE respondents' biggest drawbacks, and just one in five respondents said they had regular (more than once a month) protection consciousness programs in place.

“Companies are aware that they are vulnerable, but they are unable to invest in the equipment and preparation needed to defend their environment.” Since too many businesses are increasingly embracing digital office styles, these sensitivity points are amplified. In this increasingly dispersed digital world, leaving workers untrained and vulnerable puts companies in danger of digital deception,” Douglas said.

Considering these parameters, it is not shocking that 75 % of UAE people surveyed believe email attacks will affect their company in the coming year. In 2020, 60% of those polled said they thought this way.