Research by OPSWAT discusses the state of email security amongst critical infrastructure organizations, finding that 80% of critical infrastructure organizations have experienced an email security breach within the last 12 months. Per 1,000 employees, the research found that organizations experienced the following each year:
- 5.7 successful phishing schemes
- 5.6 account compromises
- 4.4 data leakage incidents.
The research asserts that critical infrastructure organizations are valuable targets to cybercriminals, thus experiencing frequent attacks.
The report highlighted the current status of cybersecurity among critical infrastructure emails, finding that success metrics are low. 48% of critical infrastructure entities are not confident that current email defenses are sufficient to protect the organization from cyberattacks. 63.6% are not confident that the current email defenses are the best in class.
Yet, emails are the predominant attack vector among critical infrastructure organizations. A median of 75% of threats arrive via email, and for two of three critical infrastructure entities, the threats arriving via email range from 61% to 100%.