Get Your Complimentary Copy of the Gartner Market Guide For Email Security 2021 – Don’t miss out on the recommendations here

Request a Demo of Tessian Today.
Automatically stop data breaches and security threats caused by employees on email. Powered by machine learning, Tessian detects anomalies in real-time, integrating seamlessly with your email environment within minutes and starting protection in a day. Provides you with unparalleled visibility into human security risks to remediate threats and ensure compliance.

New Forrester Consulting Research Shows Human Layer Security is the Solution Security Leaders Have Been Looking For

  • By Tim Sadler
  • 05 November 2021

Tessian’s mission is to secure the human layer by empowering people to do their best work, without security getting in their way.

Data is the lifeblood of a successful business, and email systems are the veins through which it travels. But new Forrester Consulting research commissioned by Tessian shows legacy solutions aren’t enough to protect this vital business organ… 

 

Key insights from the study include:

 

  • Nearly 40% of organizations report 10+ employee-related email security incidents per month
  • 61% of our survey respondents think an employee will cause their next data breach
  • Over 75% of  firms report that 20% or more email security incidents get past their existing security controls
  • One-third say they lack visibility into threats and risky behaviors
  • Organizations spend up to 600 hours per month resolving employee-related email security incidents
  • 42% of security and risk leaders are looking to improve their email security postures

 

To err is human…

 

While security and risk leaders have a lot to worry about, human error tops the list. 

 

That’s because, on average, organizations experience between one and fifty employee-related email security incidents per month, depending on the company size. Nearly 40% report 10+ incidents a month.

 

Accidental data loss and business email compromise are most common, with nearly half of respondents saying they’ve experienced an incident in the past 12 months.

 

It’s no wonder 61% of our survey respondents think an employee will cause their next data breach. 

 

So, how are they trying to solve the problem?

 

Trying to solve the “people problem”

 

One thing is for sure: security leaders are trying to bolster their defenses, and they know email is every bit as crucial an environment to protect as network and databases. The problem is, built-in security controls and legacy technology alone aren’t enough to prevent human error. In fact, these solutions are actually creating more work for thinly-stretched security teams.

 

Over a third of firms say they’re wasting a precious amount of time, money, and effort combating email security challenges. 

 

How much time? According to Forrester’s research, organizations spend up to 600 hours per month resolving employee-related email security incidents.

 

Alas, despite so much time and effort, over 75% of firms report that 20% or more email security incidents get past their existing security controls and, despite phishing simulations and ongoing security awareness training, roughly one-quarter report that 21% or more of employees have failed a phishing test in the past year. 

 

Accidental data loss is a big problem, too with 24% saying they simply don’t have controls in place to prevent misdirected emails. 

 

That’s a lot of risk, but it could be just the tip of the iceberg…

 

One-third say they lack visibility into threats and risky behaviors, proving traditional security solutions have inherent limitations when it comes to solving for risks posed by people. 

 

In fact, according to Tessian’s State of Data Loss Prevention report, IT leaders working at organizations with 1,000+ people in the US estimate 480 emails are sent to the wrong person every year. In reality, Tessian found that an average of 800 emails are misdirected in organizations with 1,000 employees during a single year.

 

That’s a big difference…

The solution? Human Layer Security.

 

Based on all of the above, it’s no wonder 42% of security and risk leaders are looking to improve their email security postures, and are specifically seeking solutions that allow them to gain visibility into risky human behaviors and build unique security identity and risk scores for each employee. 

 

They then want to use this information to feed automated, ML-based threat detection systems to help them predict and protect against unknown threats.

 

This more “human” approach – called Human Layer Security – has been proven to work. 

 

What is Human Layer Security? 

 

Human Layer Security (HLS) automatically detects and prevents threats by understanding human communication patterns and behavior, building a unique security identity for each and every employee, and continuously improving their security reflexes over time. 

 

Security and risk leaders who take a Human Layer believe their email security posture is extremely effective at alerting the organization to potential attacks/threats from users’ risky behaviors or poor security decisions. Meanwhile, those who don’t take a Human Layer approach feel less control over business disruptions.

 

Want to learn more about the impact of Human Layer Security? Download the full study.

 

You can also book a demo to see Tessian’s Human Layer Security platform in action. 

Tim Sadler Chief Executive Officer and Co-Founder