Get Your Complimentary Copy of the Gartner Market Guide For Email Security 2021 – Don’t miss out on the recommendations here
Tessian’s mission is to secure the human layer by empowering people to do their best work, without security getting in their way.
Data is the lifeblood of a successful business, and email systems are the veins through which it travels. But new Forrester Consulting research commissioned by Tessian shows legacy solutions aren’t enough to protect this vital business organ…
Key insights from the study include:
While security and risk leaders have a lot to worry about, human error tops the list.
That’s because, on average, organizations experience between one and fifty employee-related email security incidents per month, depending on the company size. Nearly 40% report 10+ incidents a month.
Accidental data loss and business email compromise are most common, with nearly half of respondents saying they’ve experienced an incident in the past 12 months.
It’s no wonder 61% of our survey respondents think an employee will cause their next data breach.
So, how are they trying to solve the problem?
One thing is for sure: security leaders are trying to bolster their defenses, and they know email is every bit as crucial an environment to protect as network and databases. The problem is, built-in security controls and legacy technology alone aren’t enough to prevent human error. In fact, these solutions are actually creating more work for thinly-stretched security teams.
Over a third of firms say they’re wasting a precious amount of time, money, and effort combating email security challenges.
How much time? According to Forrester’s research, organizations spend up to 600 hours per month resolving employee-related email security incidents.
Alas, despite so much time and effort, over 75% of firms report that 20% or more email security incidents get past their existing security controls and, despite phishing simulations and ongoing security awareness training, roughly one-quarter report that 21% or more of employees have failed a phishing test in the past year.
Accidental data loss is a big problem, too with 24% saying they simply don’t have controls in place to prevent misdirected emails.
That’s a lot of risk, but it could be just the tip of the iceberg…
One-third say they lack visibility into threats and risky behaviors, proving traditional security solutions have inherent limitations when it comes to solving for risks posed by people.
In fact, according to Tessian’s State of Data Loss Prevention report, IT leaders working at organizations with 1,000+ people in the US estimate 480 emails are sent to the wrong person every year. In reality, Tessian found that an average of 800 emails are misdirected in organizations with 1,000 employees during a single year.
That’s a big difference…
Based on all of the above, it’s no wonder 42% of security and risk leaders are looking to improve their email security postures, and are specifically seeking solutions that allow them to gain visibility into risky human behaviors and build unique security identity and risk scores for each employee.
They then want to use this information to feed automated, ML-based threat detection systems to help them predict and protect against unknown threats.
This more “human” approach – called Human Layer Security – has been proven to work.
Human Layer Security (HLS) automatically detects and prevents threats by understanding human communication patterns and behavior, building a unique security identity for each and every employee, and continuously improving their security reflexes over time.
Security and risk leaders who take a Human Layer believe their email security posture is extremely effective at alerting the organization to potential attacks/threats from users’ risky behaviors or poor security decisions. Meanwhile, those who don’t take a Human Layer approach feel less control over business disruptions.
Want to learn more about the impact of Human Layer Security? Download the full study.
You can also book a demo to see Tessian’s Human Layer Security platform in action.